Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K encryption key. The threat is from a man-in-the-middle attacker who can intercept and potentially modify data during transmission.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-27T00:00:00
Updated: 2024-08-02T21:01:21.128Z
Reserved: 2023-10-30T00:00:00
Link: CVE-2023-46919
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-27T21:15:08.103
Modified: 2024-01-05T18:35:20.857
Link: CVE-2023-46919
Redhat
No data.