7.1
CVE-2024-23942
- EPSS 0.03%
- Veröffentlicht 18.03.2025 11:03:35
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
MB connect line: Configuration File on the client workstation is not encrypted
A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMB connect line
≫
Produkt
mbCONNECT24
Default Statusunaffected
Version
0
Version <
2.16.2
Status
affected
HerstellerMB connect line
≫
Produkt
mbNET
Default Statusunaffected
Version
0
Version <
8.2.0
Status
affected
HerstellerMB connect line
≫
Produkt
mbNET.rokey
Default Statusunaffected
Version
0
Version <
8.2.0
Status
affected
HerstellerMB connect line
≫
Produkt
mymbCONNECT24
Default Statusunaffected
Version
0
Version <
2.16.2
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.096 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-312 Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.