Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2024-39290

Disclosure Date: November 22, 2024
CVE-2024-39290
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtain sensitive information such as a username and its password in the address book.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
IX-MV firmware Ver.7.10 and earlier
IX-MV7-HB firmware Ver.7.10 and earlier
IX-MV7-HBT firmware Ver.7.10 and earlier
IX-MV7-HW firmware Ver.7.10 and earlier
IX-MV7-HWT firmware Ver.7.10 and earlier
IX-MV7-HW-JP firmware Ver.7.10 and earlier
IX-MV7-B firmware Ver.7.10 and earlier
IX-MV7-BT firmware Ver.7.10 and earlier
IX-MV7-W firmware Ver.7.10 and earlier
IX-MV7-WT firmware Ver.7.10 and earlier
IX-DA firmware Ver.7.10 and earlier
IX-DAU firmware Ver.7.10 and earlier
IX-DB firmware Ver.7.10 and earlier
IX-DBT firmware Ver.7.10 and earlier
IX-EA firmware Ver.7.10 and earlier
IX-EAT firmware Ver.7.10 and earlier
IX-EAU firmware Ver.7.10 and earlier
IX-DV firmware Ver.7.11 and earlier
IX-DVT firmware Ver.7.11 and earlier
IX-DVF firmware Ver.7.11 and earlier
IX-DVF-P firmware Ver.7.11 and earlier
IX-DVF-L firmware Ver.7.11 and earlier
IX-DVM firmware Ver.7.10 and earlier
IX-DU firmware Ver.7.11 and earlier
IX-DVF-RA firmware Ver.7.11 and earlier
IX-DVF-2RA firmware Ver.7.11 and earlier
IX-BA firmware Ver.7.10 and earlier
IX-BAU firmware Ver.7.10 and earlier
IX-BB firmware Ver.7.10 and earlier
IX-BBT firmware Ver.7.10 and earlier
IX-FA firmware Ver.7.10 and earlier
IX-SSA firmware Ver.7.11 and earlier
IX-SS-2G firmware Ver.7.10 and earlier
IX-SS-2GT firmware Ver.7.10 and earlier
IX-SS-2G-N firmware Ver.7.10 and earlier
IX-BU firmware Ver.7.11 and earlier
IX-SSA-RA firmware Ver.7.11 and earlier
IX-SSA-2RA firmware Ver.7.11 and earlier
IX-RS-B firmware Ver.7.10 and earlier
IX-RS-BT firmware Ver.7.10 and earlier
IX-RS-W firmware Ver.7.10 and earlier
IX-RS-WT firmware Ver.7.10 and earlier
IXW-MA firmware Ver.7.10 and earlier
IX-SPMIC firmware Ver.7.10 and earlier
IXG-2C7 firmware Ver.3.01 and earlier
IXG-2C7-L firmware Ver.3.01 and earlier
IXG-DM7 firmware Ver.3.00 and earlier
IXG-DM7-HID firmware Ver.3.00 and earlier
IXG-DM7-HIDA firmware Ver.3.00 and earlier
IXG-DM7-10K firmware Ver.3.00 and earlier
IXG-MK firmware Ver.3.00 and earlier
IXGW-GW firmware Ver.3.01 and earlier
IXGW-TGW firmware Ver.3.01 and earlier
IXGW-LC firmware Ver.3.00 and earlier
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis