CVE-2024-5731

MEDIUM Year: 2024
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-311
View all →

Vulnerability Description

A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information.

Related Vulnerabilities

CVE-2018-10631

MEDIUM
CVSS:6.8(Medium)

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer and 8870 N'Vision removable application card does not encrypt PII and PHI while at rest.

CWE-3112018

CVE-2022-35860

MEDIUM
CVSS:6.8(Medium)

Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.

CWE-3112022

CVE-2023-28841

MEDIUM
CVSS:6.8(Medium)

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component...

CWE-3112023

CVE-2010-3299

MEDIUM
CVSS:6.5(Medium)

The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.

CWE-3112010

CVE-2017-12716

MEDIUM
CVSS:6.5(Medium)

Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionall...

CWE-3112017

CVE-2017-14953

MEDIUM
CVSS:6.5(Medium)

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi enc...

CWE-3112017