Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.
History

Tue, 05 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-326
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


Thu, 17 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 17 Oct 2024 12:30:00 +0000

Type Values Removed Values Added
Description Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.
Title Nokia SR OS: BOF File Encryption Vulnerability
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Nokia

Published: 2024-10-17T12:16:02.750Z

Updated: 2024-11-05T19:32:18.366Z

Reserved: 2023-12-12T12:14:36.041Z

Link: CVE-2023-6728

cve-icon Vulnrichment

Updated: 2024-10-17T15:02:51.385Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-17T13:15:12.077

Modified: 2024-11-05T20:35:16.583

Link: CVE-2023-6728

cve-icon Redhat

No data.