Vulnerabilities (CVE)

Filtered by vendor Cbot Subscribe
Filtered by product Cbot Core
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-2887 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 9.8 CRITICAL
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2884 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 9.8 CRITICAL
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2885 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 8.1 HIGH
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2883 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 8.8 HIGH
Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2882 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 9.8 CRITICAL
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2886 1 Cbot 2 Cbot Core, Cbot Panel 2024-02-28 N/A 4.3 MEDIUM
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.