Unrated severityNVD Advisory· Published Jul 21, 2023· Updated Oct 24, 2024
Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key
CVE-2023-37291
Description
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data.
This issue affects Vitals ESP: from 3.0.8 through 6.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 3.0.8 - 6.2.0
- Galaxy Software Services/Vitals ESPv5Range: 3.0.8
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.