CVE-2024-24488

Published Feb 7, 2024

Last updated 9 months ago

Overview

Description: An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-312

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tendacn:cp3_firmware:11.10.00.2311090948:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80C2B105-4531-4A52-BFAD-808AC7669875"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tendacn:cp3:2.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0B18DD11-F4F9-42E3-848C-B23AFDD725B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References