Skip to main content

Cbot Core

6 CVEs product

Monthly

CVE-2023-2887 CRITICAL Act Now

Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.0.3.4 Panel: v4.0.3.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cbot Core Cbot Panel
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2023-2886 MEDIUM This Month

Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.0.3.4 Panel: v4.0.3.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-2885 HIGH This Week

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).0.3.4 Panel: v4.0.3.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2023-2884 CRITICAL Act Now

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.0.3.4 Panel:. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-2883 HIGH This Week

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.0.3.4 Panel: v4.0.3.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cbot Core Cbot Panel
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2023-2882 CRITICAL Act Now

Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.0.3.4 Panel: v4.0.3.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
CVSS 3.1
9.8
EPSS
0.1%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.0.3.4 Panel: v4.0.3.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cbot Core Cbot Panel
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.0.3.4 Panel: v4.0.3.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).0.3.4 Panel: v4.0.3.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.0.3.4 Panel:. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.0.3.4 Panel: v4.0.3.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cbot Core Cbot Panel
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.0.3.4 Panel: v4.0.3.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cbot Core Cbot Panel
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy