Vulnerabilities > CVE-2023-2882 - Generation of Incorrect Security Identifiers vulnerability in Cbot Core and Cbot Panel

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
cbot
CWE-1270
critical

Summary

Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

Vulnerable Configurations

Part Description Count
Application
Cbot
2