7.5
CVE-2024-47397
- EPSS 0.39%
- Veröffentlicht 18.12.2024 07:15:07
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authentication may be bypassed with an undocumented specific string.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerFXC Inc.
≫
Produkt
AE1021
Version
firmware versions 2.0.10 and earlier
Status
affected
HerstellerFXC Inc.
≫
Produkt
AE1021PE
Version
firmware versions 2.0.10 and earlier
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.305 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| vultures@jpcert.or.jp | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-1390 Weak Authentication
The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
https://jvn.jp/en/vu/JVNVU91084137/
https://www.fxc.jp/news/20241213