CVE-2023-6728

Nov. 5, 2024, 8:35 p.m.

3.3
Low

Description

Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.

Product(s) Impacted

Product Versions
Nokia SR OS
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-326
Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References

https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-6728/

Tags

CWE-326
b48c3b8f-639e-4c16-8725-497bc411dad0
2024-10-17
CVE-2023-6728

CVSS Score

3.3 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: NONE
  • Availability Impact: NONE

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    View Vector String

Timeline

Published: Oct. 17, 2024, 1:15 p.m.
Last Modified: Nov. 5, 2024, 8:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

b48c3b8f-639e-4c16-8725-497bc411dad0

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.