How severe is CVE-2024-3046?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-3046?

This is classified as CWE-303, which is a common weakness in software security.

CVE-2024-3046

HIGH Year: 2024

CVSS v3 Score

7.5

High

Weakness Type

CWE-303

View all →

Vulnerability Description

In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an authenticated user reported in logs. This issue affects org.eclipse.kura:org.eclipse.kura.web2 version range [2.0.600, 2.4.0], which is included in Eclipse Kura version range [5.0.0, 5.4.1]

CVE-2021-21902

HIGH

CVSS:7.5(High)

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authenticat...

CWE-3032021

CVE-2022-33736

HIGH

CVSS:7.5(High)

A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validat...

CWE-3032022

CVE-2022-41985

HIGH

CVSS:7.5(High)

An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and...

CWE-3032022

CVE-2023-25957

HIGH

CVSS:7.5(High)

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9...

CWE-3032023