Device at Risk of Cryptographic Weaknesses Due to Deprecated TLS Protocols
CVE-2023-41928

5.3MEDIUM

Key Information:

Vendor: Kiloview
Status: P1/p2
Vendor: CVE Published:; 2 July 2024

What is CVE-2023-41928?

The vulnerability involves network devices that continue to accept deprecated versions of the Transport Layer Security (TLS) protocols. This acceptance exposes the devices to cryptographic weaknesses, which can compromise the security of data in transit. Attackers may exploit these weaknesses to intercept or manipulate sensitive information, posing a significant risk to user privacy and organizational integrity. Organizations using the affected products should assess their security posture and consider updating their systems to mitigate potential threats associated with outdated cryptographic protocols.

Affected Version(s)

P1/P2 All <= 4.8.2605

References

https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2024
Vulnerability Reserved
Sep 5, 2023

Kiloview

What is CVE-2023-41928?

Affected Version(s)

References

CVSS V3.1

Timeline