Static IV in PyPinkSign v0.5.1 AES CBC Mode Encryption Vulnerability

Static IV in PyPinkSign v0.5.1 AES CBC Mode Encryption Vulnerability

CVE-2023-48056 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications.

Learn more about our Web Application Penetration Testing UK.