https://github.com/JC175/CVE-2022-37177

https://www.hirevue.com/

MITRE disputed

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption.

HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption.

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists.

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption.

OR
     *cpe:2.3:a:hirevue:hiring_platform:1.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:hirevue:hiring_platform:-:*:*:*:*:*:*:*

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: the is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services and no product with version V1.0 exists.

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists.

HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm.

** DISPUTED ** HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: the is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services and no product with version V1.0 exists.

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NIST CWE-327

OR
     *cpe:2.3:a:hirevue:hiring_platform:1.0:*:*:*:*:*:*:*

https://github.com/JC175/CVE-2022-37177 No Types Assigned

https://github.com/JC175/CVE-2022-37177 Exploit, Third Party Advisory

https://www.hirevue.com/ No Types Assigned

https://www.hirevue.com/ Vendor Advisory