9.8
CVSSv3

CVE-2023-37291

Published: 21/07/2023 Updated: 31/07/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 up to and including 6.2.0.

Vulnerable Product Search on Vulmon Subscribe to Product

gss vitals enterprise social platform