How severe is CVE-2023-22644?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-22644?

This is classified as CWE-1270, which is a common weakness in software security.

CVE-2023-22644

CRITICAL Year: 2023

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-1270

View all →

Vulnerability Description

A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.

CVE-2023-30524

MEDIUM

CVSS:4.3(Medium)

Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CWE-12702023

CVE-2023-2882

CRITICAL

CVSS:9.8(Critical)

Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

CWE-12702023

CVE-2023-30524

MEDIUM

CVSS:4.3(Medium)

Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CWE-12702023

CVE-2023-32188

CRITICAL

CWE-12702023

CVE-2023-22644

Vulnerability Description

Related Vulnerabilities

CVE-2023-30524

CVE-2023-2882

CVE-2023-30524

CVE-2023-32188