CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-36648

Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka (as consumer and producer).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.9%

CVSS Severity

CVSS v3 Score 8.2

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36648
https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36648

Products affected by CVE-2023-36648

Prolion » Cryptospike » Version: 3.0.15

cpe:2.3:a:prolion:cryptospike:3.0.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36648

Products

Pricing

Contact Us