CVE-2023-32077

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 24, 2023
Updated: Aug 30, 2023
CWE ID 321
CWE ID 798

Summary

CVE-2023-32077: Netmaker, a network tool that utilizes WireGuard, has revealed a vulnerability in versions prior to 0.17.1 and 0.18.6. The issue is centered around hardcoded DNS key usage, allowing unauthorized users to engage with DNS API endpoints. Users running version 0.17.1 should pull the patched image `gravitl/netmaker:v0.17.1` and update, while those using versions 0.18.0-0.18.5 are advised to upgrade to version 0.18.6 or later. A workaround for users on version 0.17.1 involves pulling the latest docker image of the backend and restarting the server.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share