CVE-2024-26155
CVE-2024-26155
Título es
CVE-2024-26155
Vie, 17/01/2025 – 17:15
Tipo
CWE-319
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-26155
Descripción en
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
expose clear text credentials in the web portal. An attacker can access
the ETIC RAS web portal and view the HTML code, which is configured to
be hidden, thus allowing a connection to the ETIC RAS ssh server, which
could enable an attacker to perform actions on the device.
expose clear text credentials in the web portal. An attacker can access
the ETIC RAS web portal and view the HTML code, which is configured to
be hidden, thus allowing a connection to the ETIC RAS ssh server, which
could enable an attacker to perform actions on the device.
17/01/2025
17/01/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Gravedad 4.0
6.10
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 (CVSS 3.1 Base Score)
6.80
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
