CVE Vulnerabilities

CVE-2023-47370

Inadequate Encryption Strength

Published: Nov 09, 2023 | Modified: Nov 20, 2023
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.

Weakness

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

Affected Software

Name Vendor Start Version End Version
Line Linecorp 13.6.1 (including) 13.6.1 (including)

Potential Mitigations

References