← Voltar para CVEs
CVE-2024-3543
MEDIUM6.4
Descricao
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
Detalhes CVE
Pontuacao CVSS v3.16.4
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeHIGH
Privilegios necessariosHIGH
Interacao do usuarioNONE
Publicado5/2/2024
Ultima modificacao2/10/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
progress:loadmaster
Fraquezas (CWE)
CWE-257CWE-522
Referencias
https://kemptechnologies.com/(security@progress.com)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(security@progress.com)
https://kemptechnologies.com/(af854a3a-2127-422b-91ae-364da2661108)
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.