CVE-2024-33662
published 2024-10-02CVE-2024-33662: Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
PriorityP339high7.5CVSS 3.1
AVNACHPRLUINSUCHIHAH
EPSS
0.28%
20.1th percentile
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | portainer_portainer | >= 0 < 2.20.2 | 2.20.2 |
| portainer | portainer | < 2.20.2 | 2.20.2 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Portainer improperly uses an encryption algorithm in the AesEncrypt function in github.com/portainer/portainer
osv·2024-10-09
CVE-2024-33662 Portainer improperly uses an encryption algorithm in the AesEncrypt function in github.com/portainer/portainer
Portainer improperly uses an encryption algorithm in the AesEncrypt function in github.com/portainer/portainer
Portainer improperly uses an encryption algorithm in the AesEncrypt function in github.com/portainer/portainer.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/portainer/portainer before v2.20.2.
OSV
Portainer improperly uses an encryption algorithm in the AesEncrypt function
osv·2024-10-02
CVE-2024-33662 [HIGH] Portainer improperly uses an encryption algorithm in the AesEncrypt function
Portainer improperly uses an encryption algorithm in the AesEncrypt function
Portainer before 2.20.2 improperly uses an encryption algorithm in the `AesEncrypt` function.
GHSA
Portainer improperly uses an encryption algorithm in the AesEncrypt function
ghsa·2024-10-02
CVE-2024-33662 [HIGH] CWE-326 Portainer improperly uses an encryption algorithm in the AesEncrypt function
Portainer improperly uses an encryption algorithm in the AesEncrypt function
Portainer before 2.20.2 improperly uses an encryption algorithm in the `AesEncrypt` function.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-10-02
Published