CVE-2023-5342 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.1 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
fedora	CNA	4.1 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-324 - Use of a Key Past its Expiration Date
The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.

References

https://access.redhat.com/security/cve/CVE-2023-5342

https://bodhi.fedoraproject.org/updates/FEDORA-2024-2aa28a4cfc

https://bugzilla.redhat.com/show_bug.cgi?id=2198977

https://bugzilla.redhat.com/show_bug.cgi?id=2388707