CVE-2024-38280

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:motorola:vigilant_fixed_lpr_coms_box_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box:-:*:*:*:*:*:*:*

History

03 Oct 2024, 19:36

Type Values Removed Values Added
CPE cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box:-:*:*:*:*:*:*:*
cpe:2.3:o:motorola:vigilant_fixed_lpr_coms_box_firmware:*:*:*:*:*:*:*:*
CWE CWE-312
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.6
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19 - Third Party Advisory, US Government Resource
First Time Motorola vigilant Fixed Lpr Coms Box Firmware
Motorola
Motorola vigilant Fixed Lpr Coms Box
Summary
  • (es) Un usuario no autorizado puede obtener acceso a datos confidenciales, incluidas las credenciales, recuperando físicamente el disco duro del producto, ya que los datos se almacenan en texto plano.

13 Jun 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-13 17:15

Updated : 2024-10-03 19:36


NVD link : CVE-2024-38280

Mitre link : CVE-2024-38280

CVE.ORG link : CVE-2024-38280


JSON object : View

Products Affected

motorola

  • vigilant_fixed_lpr_coms_box_firmware
  • vigilant_fixed_lpr_coms_box
CWE
CWE-312

Cleartext Storage of Sensitive Information

CWE-313

Cleartext Storage in a File or on Disk