Inclusion of Sensitive Information in Source Code Vulnerability Affects Cockpit Software
CVE-2024-1272

7.5HIGH

Key Information:

Vendor: Tnb Mobile Solutions
Status: Cockpit Software
Vendor: CVE Published:; 5 June 2024

🔔 Create Tnb Mobile Solutions Vulnerability Alert

What is CVE-2024-1272?

A vulnerability exists in TNB Mobile Solutions' Cockpit Software where sensitive information is improperly embedded in the source code. This flaw enables unauthorized retrieval of confidential data by potential attackers. The affected versions include those prior to v0.251.1, making it crucial for users to evaluate their systems and take necessary actions to protect sensitive information from being exposed.

Affected Version(s)

Cockpit Software 0

References

https://www.usom.gov.tr/bildirim/tr-24-0601

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2024

CVE-2024-1272 Data

JSON