CVE-2024-25960

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-319
View all →

Vulnerability Description

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Related Vulnerabilities

CVE-2019-9532

HIGH
CVSS:7.8(High)

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and g...

CWE-3192019

CVE-2024-44105

HIGH
CVSS:7.8(High)

Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials.

CWE-3192024

CVE-2018-12710

HIGH
CVSS:8.0(High)

An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account (which is a low privilege account) access, an attacker can intercept the response fr...

CWE-3192018

CVE-2020-5399

HIGH
CVSS:7.6(High)

Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL dat...

CWE-3192020

CVE-2002-1949

HIGH
CVSS:7.5(High)

The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.

CWE-3192002

CVE-2005-3140

HIGH
CVSS:7.5(High)

Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain th...

CWE-3192005