CVE-2023-3118430.05.2023, 20:15ROZCOM client CWE-798: Use of Hard-coded CredentialsEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST6.2 MEDIUMLOCALLOWNONECVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NINCDCNA6.2 MEDIUMLOCALLOWNONECVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NCVEADP------CISA-ADPADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 86%VendorProductVersionrozcomrozcom_client*𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.Referenceshttps://www.gov.il/en/Departments/faq/cve_advisorieshttps://www.gov.il/en/Departments/faq/cve_advisories