HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-41137

CVSS 8.0v3.1pub. 2023-11-09upd. 2024-11-21

Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Appsanywhere Client

    APP
    Appsanywhere
    1.4.01.4.11.5.11.5.21.6.02.0.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-41138HIGH7.5ten sam produkt

The AppsAnywhere macOS client-privileged helper can be tricked into executing arbitrary commands with elevated...