CVE-2024-20070

MEDIUM Year: 2024
CVSS v3 Score
5.1
Medium
Weakness Type
CWE-327
View all →

Vulnerability Description

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.

Related Vulnerabilities

CVE-2018-5745

MEDIUM
CVSS:4.9(Medium)

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed...

CWE-3272018

CVE-2021-43774

MEDIUM
CVSS:4.9(Medium)

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default creden...

CWE-3272021

CVE-2024-10128

MEDIUM
CVSS:4.9(Medium)

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads ...

CWE-3272024

CVE-2018-18587

MEDIUM
CVSS:5.3(Medium)

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.

CWE-3272018

CVE-2018-1996

MEDIUM
CVSS:5.3(Medium)

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obt...

CWE-3272018

CVE-2019-4325

MEDIUM
CVSS:5.3(Medium)

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

CWE-3272019