7.5
CVE-2024-1662
- EPSS 0.41%
- Veröffentlicht 05.06.2024 12:15:10
- Zuletzt bearbeitet 05.06.2026 13:16:32
- Quelle iletisim@usom.gov.tr
- CVE-Watchlists
- Unerledigt
LoginInformation Disclosure in Porty's PowerBank
Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data. This issue affects PowerBank Application: before 2.02.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.323 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| iletisim@usom.gov.tr | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://www.usom.gov.tr/bildirim/tr-24-0602
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0324