← Retour aux CVEs
CVE-2024-3543
MEDIUM6.4
Description
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
Details CVE
Score CVSS v3.16.4
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteHIGH
Privileges requisHIGH
Interaction utilisateurNONE
Publie5/2/2024
Derniere modification2/10/2025
Sourcenvd
Observations honeypot0
Produits affectes
progress:loadmaster
Faiblesses (CWE)
CWE-257CWE-522
References
https://kemptechnologies.com/(security@progress.com)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(security@progress.com)
https://kemptechnologies.com/(af854a3a-2127-422b-91ae-364da2661108)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.