CVE-2021-38461

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:auvesy:versiondog:*:*:*:*:*:*:*:*

Information

Published : 2021-10-22 12:15

Updated : 2021-10-27 16:10


NVD link : CVE-2021-38461

Mitre link : CVE-2021-38461


JSON object : View

Products Affected

auvesy

  • versiondog
CWE
CWE-321

Use of Hard-coded Cryptographic Key