How severe is CVE-2023-52424?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2023-52424?

This is classified as CWE-304, which is a common weakness in software security.

CVE-2023-52424

HIGH Year: 2023

CVSS v3 Score

7.4

High

Weakness Type

CWE-304

View all →

Vulnerability Description

The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive the pairwise master key or session keys, and because there is not a protected exchange of an SSID during a 4-way handshake.

CVE-2024-20153

HIGH

CVSS:7.5(High)

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User inte...

CWE-3042024

CVE-2024-12136

HIGH

CVSS:7.8(High)

Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass.This issue affects ANKA JPD-00028: through 19.03.2025. NOTE: The vendor did not...

CWE-3042024

CVE-2024-11302

HIGH

CVSS:8.0(High)

A missing check_access() function in the lollms_binding_infos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitrarily. This vulnerabilit...

CWE-3042024

CVE-2024-9216

HIGH

CVSS:8.1(High)

An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat history. The vulnerability arises because the ...

CWE-3042024

CVE-2021-41179

MEDIUM

CVSS:6.5(Medium)

Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public...

CWE-3042021

CVE-2023-22833

MEDIUM

CVSS:6.5(Medium)

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandator...

CWE-3042023

CVE-2023-52424

Vulnerability Description

Related Vulnerabilities

CVE-2024-20153

CVE-2024-12136

CVE-2024-11302

CVE-2024-9216

CVE-2021-41179

CVE-2023-22833