Vulnerabilities > Cbot

DATE CVE VULNERABILITY TITLE RISK
2023-05-25 CVE-2023-2882 Generation of Incorrect Security Identifiers vulnerability in Cbot Core and Cbot Panel
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
low complexity
cbot CWE-1270
critical
9.8
2023-05-25 CVE-2023-2883 Authorization Bypass Through User-Controlled Key vulnerability in Cbot Core and Cbot Panel
Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
low complexity
cbot CWE-639
8.8
2023-05-25 CVE-2023-2884 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Cbot Core and Cbot Panel
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
low complexity
cbot CWE-338
critical
9.8
2023-05-25 CVE-2023-2885 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Cbot Core and Cbot Panel
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
high complexity
cbot CWE-924
8.1
2023-05-25 CVE-2023-2886 Unspecified vulnerability in Cbot Core and Cbot Panel
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
low complexity
cbot
4.3
2023-05-25 CVE-2023-2887 Authentication Bypass by Spoofing vulnerability in Cbot Core and Cbot Panel
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
network
low complexity
cbot CWE-290
critical
9.8