CVE-2024-28023

MEDIUM Year: 2024
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-259
View all →

Vulnerability Description

A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.

Related Vulnerabilities

CVE-2020-12012

MEDIUM
CVSS:6.1(Medium)

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and...

CWE-2592020

CVE-2017-6039

MEDIUM
CVSS:5.3(Medium)

A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.

CWE-2592017

CVE-2024-32210

MEDIUM
CVSS:5.3(Medium)

The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard-coded passwords by default for forms and SQL connections.

CWE-2592024

CVE-2024-7216

LOW
CVSS:5.3(Medium)

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-cod...

CWE-2592024

CVE-2025-2342

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded...

CWE-2592025

CVE-2021-27254

MEDIUM
CVSS:6.3(Medium)

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific fla...

CWE-2592021