How severe is CVE-2023-42419?

This vulnerability has a severity rating of LOW with a CVSS score of 3.8 out of 10.

What type of vulnerability is CVE-2023-42419?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-42419 - LOW Severity | CVSS 3.8

Vulnerability Description

Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the server. The issue was resolved in version 2.28. Earlier versions, including all Cybellum 1.x versions, and distributions for the rest of the world remain unaffected.

Related Vulnerabilities

CVE-2017-10365

LOW

CVSS:3.8(Low)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high pr...

NVD-CWE-Other2017

CVE-2017-4896

LOW

CVSS:3.8(Low)

Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorize...

NVD-CWE-Other2017

CVE-2018-2792

LOW

CVSS:3.8(Low)

Vulnerability in the Hardware Management Pack component of Oracle Sun Systems Products Suite (subcomponent: Ipmitool). The supported version that is affected is Prior to 2.4.3. Easily exploitable vuln...

NVD-CWE-Other2018

CVE-2018-2831

LOW

CVSS:3.8(Low)

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vuln...

NVD-CWE-Other2018

CVE-2019-0162

LOW

CVSS:3.8(Low)

Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access.

NVD-CWE-Other2019

CVE-2019-2501

LOW

CVSS:3.8(Low)

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulne...

NVD-CWE-Other2019