Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2887 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 9.8 CRITICAL |
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||
CVE-2023-2884 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 9.8 CRITICAL |
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||
CVE-2023-2885 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 8.1 HIGH |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||
CVE-2023-2883 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 8.8 HIGH |
Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||
CVE-2023-2882 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 9.8 CRITICAL |
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||
CVE-2023-2886 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 4.3 MEDIUM |
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |