{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T19:09:03.755","vulnerabilities":[{"cve":{"id":"CVE-2023-42419","sourceIdentifier":"info@cybellum.com","published":"2024-03-05T06:15:52.820","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key.\n\n\nAn attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the server.\nThe issue was resolved in version 2.28.\nEarlier versions, including all Cybellum 1.x versions, and distributions for the rest of the world remain unaffected.\n\n"},{"lang":"es","value":"Maintenance Server, en la distribución aislada QCOW de Cybellum (edición China), versiones 2.15.5 a 2.27, se compiló con una clave criptográfica privada codificada. Un atacante con privilegios administrativos y acceso al servidor aislado podría usar esta clave para ejecutar comandos en el servidor. El problema se resolvió en la versión 2.28. Las versiones anteriores, incluidas todas las versiones de Cybellum 1.x, y las distribuciones para el resto del mundo no se verán afectadas."}],"metrics":{"cvssMetricV31":[{"source":"info@cybellum.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L","baseScore":3.8,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.3,"impactScore":3.4}]},"references":[{"url":"https://cybellum.com/","source":"info@cybellum.com"},{"url":"https://cybellum.com/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}