Unauthorized Access to Sensitive Data
CVE-2024-41970
5.7MEDIUM
What is CVE-2024-41970?
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources.
Affected Version(s)
CC100 0751-9x01 0.0.0 <= 4.5.10 (FW27)
CC100 0751/9x01 0.0.0 <= 04.03.03 (72)
CC100 0751/9x01 0.0.0 <= 04.04.03 (70)
References
CVSS V3.1
Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Credit
Diego Giubertoni
Nozomi Networks