CVE-2023-0391

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-0391

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-0391.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-0391

Published

2023-03-21T20:15:11.683Z

Modified

2025-11-15T05:32:24.945728Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. This behavior was observed in version 2.2.0. There has been no indication from the vendor this has been addressed in version 2.2.1.

References

Affected packages

Git / github.com/cloudpanel-io/cloudpanel-ce

Affected ranges

Type: GIT
Repo: https://github.com/cloudpanel-io/cloudpanel-ce
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3e154cf3de190507b67868de58cf36d69e48de9c

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.3rc

v1.0.4

v1.0.5

v1.0.6

v2.*

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.1.0