CVE-2024-30124

MEDIUM Year: 2024
CVSS v3 Score
4.0
Medium
Weakness Type
CWE-1188
View all →

Vulnerability Description

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously.

Related Vulnerabilities

CVE-2020-26930

LOW
CVSS:3.8(Low)

NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings.

CWE-11882020

CVE-2020-11917

MEDIUM
CVSS:4.3(Medium)

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices...

CWE-11882020

CVE-2024-56433

LOW
CVSS:3.6(Low)

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of us...

CWE-11882024

CVE-2020-12327

MEDIUM
CVSS:4.4(Medium)

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local ...

CWE-11882020

CVE-2024-44096

MEDIUM
CVSS:4.4(Medium)

there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploit...

CWE-11882024

CVE-2021-33130

MEDIUM
CVSS:4.6(Medium)

Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical ...

CWE-11882021