CVE-2023-23958Sensitive Information Exposure in Protection Engine

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
6.5MEDIUMNVD
CNA6.8
EPSS
0.2%
top 53.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Protection Engine
Timeline
PublishedSep 27

Description

Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-f2mp-6hqr-p3mr: Symantec Protection Engine, prior to 92023-09-27
CVEList
Symantec Protection Engine Hash Leak Vulnerability2023-09-26
CVE-2023-23958 — Sensitive Information Exposure | cvebase