Security Advisory

CVE-2023-37291

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-21 03:02:50

Last updated 2024-10-24 14:31:28

Assigner twcert

State PUBLISHED

Description

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through 6.2.0.

← Browse all CVEs View on cve.org ↗