Attackers Can Easily Decrypt and Use Stolen Passwords to Corrupt the System
CVE-2024-3543
6.4MEDIUM
Summary
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
Affected Version(s)
LoadMaster <= LoadMaster 7.2.55.0 (GA)
LoadMaster < 7.2.59.4
LoadMaster < 7.2.54.10
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Agenzia per la Cybersicurezza Nazionale (ACN)