CVE Record: CVE-2023-28509

Required CVE Record Information

Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.

CWE 1 Total

Learn more

CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Versions 2 Total

Default Status: unaffected

affected

Credits

Ron Bowes finder

References 1 Total

https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/
external site
third-party-advisory

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/
external site
third-party-advisoryx_transferred

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Rapid7, Inc.

Description

CWE 1 Total

Product Status

Credits

References 1 Total

CVE Program

References 1 Total

Authorized Data Publishers

CISA-ADP