How severe is CVE-2024-20462?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-20462?

This is classified as CWE-257, which is a common weakness in software security.

CVE-2024-20462 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML content from an affected device. A successful exploit could allow the attacker to view passwords that belong to other users.

Related Vulnerabilities

CVE-2019-6567

MEDIUM

CVSS:5.5(Medium)

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5....

CWE-2572019

CVE-2023-31001

MEDIUM

CVSS:5.5(Medium)

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files ...

CWE-2572023

CVE-2018-5446

MEDIUM

CVSS:5.3(Medium)

Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format.

CWE-2572018

CVE-2024-32151

MEDIUM

CVSS:5.9(Medium)

User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numb...

CWE-2572024

CVE-2024-51552

HIGH

CVSS:6.0(Medium)

Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: throug...

CWE-2572024

CVE-2019-19096

MEDIUM

CVSS:6.1(Medium)

The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' con...

CWE-2572019