CVE-2024-12399

MEDIUM Year: 2024
CVSS v3 Score
7.1
High
Weakness Type
CWE-924
View all →

Vulnerability Description

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause partial loss of confidentiality, loss of integrity and availability of the HMI when attacker performs man in the middle attack by intercepting the communication.

Related Vulnerabilities

CVE-2022-3166

HIGH
CVSS:7.5(High)

Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability co...

CWE-9242022

CVE-2023-49933

HIGH
CVSS:7.5(High)

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modi...

CWE-9242023

CVE-2024-8933

HIGH
CVSS:7.5(High)

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service ...

CWE-9242024

CVE-2018-14526

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker w...

CWE-9242018

CVE-2019-20844

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.

CWE-9242019