← Back to CVEs
CVE-2024-3543
MEDIUM6.4
Description
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
CVE Details
CVSS v3.1 Score6.4
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorADJACENT_NETWORK
ComplexityHIGH
Privileges RequiredHIGH
User InteractionNONE
Published5/2/2024
Last Modified2/10/2025
Sourcenvd
Honeypot Sightings0
Affected Products
progress:loadmaster
Weaknesses (CWE)
CWE-257CWE-522
References
https://kemptechnologies.com/(security@progress.com)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(security@progress.com)
https://kemptechnologies.com/(af854a3a-2127-422b-91ae-364da2661108)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.