CVE-2023-22644
EUVD-2023-2677820.09.2023, 09:15
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| suse | manager_server | 4.2 ≤ 𝑥 < 4.2.50-150300.3.66.5 |
| suse | manager_server | 4.3 ≤ 𝑥 < 4.3.58-150400.3.46.4 |
𝑥
= Vulnerable software versions