Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure Randomness in CBOT's Chatbot
Vulnerability Description
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
CBOT Chatbot 安全特征问题漏洞
Vulnerability Description
CBOT Chatbot是CBOT公司的一个人工智能驱动的实时聊天解决方案。 CBOT Chatbot Core v4.0.3.4 之前版本、 Panel v4.0.3.7之前版本存在安全特征问题漏洞,该漏洞源于使用加密弱伪随机数生成器 (PRNG),允许通过密钥重新创建进行签名欺骗。
CVSS Information
N/A
Vulnerability Type
N/A