Vulnerability Details CVE-2023-2884
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 48.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-2884
-
cpe:2.3:a:cbot:cbot_core:-
-
cpe:2.3:a:cbot:cbot_panel:-