CVE-2023-41137

critical

Description

Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.

References

https://docs.appsanywhere.com/appsanywhere/3.1/2023-11-security-advisory

Details

Source: Mitre, NVD

Published: 2023-11-09

Updated: 2023-11-18

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H