PT-2023-5850 · Qvpn · Qvpn Device Client

Runzi Zhao

·

Publicado

2023-10-06

·

Atualizado

2023-10-11

·

CVE-2023-23371

CVSS v3.1

5.2

Média

VetorAV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions QVPN Device Client versions prior to 2.2.0.0823
Description A cleartext transmission of sensitive information issue has been reported, which could allow local authenticated administrators to read sensitive data via unspecified vectors.
Recommendations For versions prior to 2.2.0.0823, update to QVPN Windows 2.2.0.0823 or later to resolve the issue.

Correção

Cleartext Transmission of Sensitive Information

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310CWE-319CWE-311

Identificadores relacionados

BDU:2023-06537
CVE-2023-23371

Produtos afetados

Qvpn Device Client