Disputed Vulnerability: Alleged Use of a Broken or Risky Cryptographic Algorithm in HireVue Hiring Platform V1.0

Disputed Vulnerability: Alleged Use of a Broken or Risky Cryptographic Algorithm in HireVue Hiring Platform V1.0

CVE-2022-37177 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption.

Learn more about our Cloud Audit.