BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR, AV-02IPD, AV-02FDE, AV-02FDR, AV-03D, AV-03BD, AV-04AFD, AV-04ASD, AV-04FD, AV-04SD, AV-05FD, AV-05SD, AA-07BD, AA-07BDI, BA-04BD, BA-04MD, BA-08BD, BA-08MD, BA-12BD, BA-12MD, CR-02BD before firmware v3.9.2 allows authenticated attackers to read SIP account passwords via a crafted GET request.
References
Configurations
No configuration.
History
21 Nov 2024, 09:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://bas-ip.com/bsa-000001 - | |
References | () https://github.com/DrieVlad/BAS-IP-vulnerabilities - |
09 Jul 2024, 16:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-256 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
05 Jul 2024, 12:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
03 Jul 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-03 15:15
Updated : 2024-11-21 09:27
NVD link : CVE-2024-39220
Mitre link : CVE-2024-39220
CVE.ORG link : CVE-2024-39220
JSON object : View
Products Affected
No product.
CWE
CWE-256
Plaintext Storage of a Password