CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27172

Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.0%

CVSS Severity

CVSS v3 Score 9.1

References

https://balwurk.github.io/CVE-2023-27172/
https://balwurk.github.io/CVE-2023-27172/

Products affected by CVE-2023-27172

Xpand-It » Write-Back Manager » Version: 2.3.1

cpe:2.3:a:xpand-it:write-back_manager:2.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27172

Products

Pricing

Contact Us