VYPR
Vendor

CBOT

Products
3
CVEs
6
Across products
8
Status
Private

Products

3

Recent CVEs

6
  • CVE-2023-2887CriMay 25, 2023
    risk 0.64cvss 9.8epss 0.01

    Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2884CriMay 25, 2023
    risk 0.64cvss 9.8epss 0.01

    Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2882CriMay 25, 2023
    risk 0.64cvss 9.8epss 0.01

    Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2883HigMay 25, 2023
    risk 0.57cvss 8.8epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2885HigMay 25, 2023
    risk 0.53cvss 8.1epss 0.00

    Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM). This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

  • CVE-2023-2886MedMay 25, 2023
    risk 0.28cvss 4.3epss 0.00

    Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.