CVE-2023-32077
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 24, 2023
Updated: Aug 30, 2023
CWE ID 321
CWE ID 798
Summary
CVE-2023-32077: Netmaker, a network tool that utilizes WireGuard, has revealed a vulnerability in versions prior to 0.17.1 and 0.18.6. The issue is centered around hardcoded DNS key usage, allowing unauthorized users to engage with DNS API endpoints. Users running version 0.17.1 should pull the patched image `gravitl/netmaker:v0.17.1` and update, while those using versions 0.18.0-0.18.5 are advised to upgrade to version 0.18.6 or later. A workaround for users on version 0.17.1 involves pulling the latest docker image of the backend and restarting the server.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Gravitl Netmaker