We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-41137



AssignerAppCheck
Reserved2023-08-23
Published2023-11-09
Updated2024-10-28

Description

Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.



HIGH: 8.0CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Product status

Default status
unaffected

1.4.0
affected

1.4.1
affected

1.5.1
affected

1.5.2
affected

1.6.0
affected

2.0.0
affected

1.6.1
unaffected

2.0.1
unaffected

2.2.0
unaffected

Credits

Gaelan Steele finder

References

https://docs.appsanywhere.com/appsanywhere/3.1/2023-11-security-advisory (AppsAnywhere Security Advisory)

cve.org CVE-2023-41137

nvd.nist.gov CVE-2023-41137

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.