CVE-2023-28509

Published: Mar 29, 2023

Modified: Feb 18, 2025

PUBLISHED

Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.

Vendor	Product	Versions
Rocket Software	UniData	affected `0 - < 8.2.43.3003`
Rocket Software	UniVerse	affected `0 - < 11.3.5.1001` affected `0 - < 12.2.1.2002`

Weaknesses (CWE)

CWE-327

References

https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-28509

Description

Affected Products

Weaknesses (CWE)

References