CVE-2024-39886

LOW Year: 2024
CVSS v3 Score
3.7
Low
Weakness Type
CWE-419
View all →

Vulnerability Description

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App.

Related Vulnerabilities

CVE-2022-33932

MEDIUM
CVSS:5.3(Medium)

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker ...

CWE-4192022

CVE-2023-30859

CRITICAL
CVSS:9.8(Critical)

Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you en...

CWE-4192023

CVE-2024-50588

CRITICAL
CVSS:9.8(Critical)

An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the databas...

CWE-4192024

CVE-2024-2414

HIGH
CVSS:8.8(High)

The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privil...

CWE-4192024

CVE-2018-12120

HIGH
CVSS:8.1(High)

Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all ...

CWE-4192018

CVE-2018-12539

HIGH
CVSS:7.8(High)

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which...

CWE-4192018