How severe is CVE-2024-29208?

This vulnerability has a severity rating of LOW with a CVSS score of 2.2 out of 10.

What type of vulnerability is CVE-2024-29208?

This is classified as CWE-521, which is a common weakness in software security.

CVE-2024-29208 - LOW Severity | CVSS 2.2

Vulnerability Description

An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi Connect EV Station Pro (Version 1.1.18 and earlier) UniFi Connect Display (Version 1.9.324 and earlier) UniFi Connect Display Cast (Version 1.6.225 and earlier) Mitigation: Update UniFi Connect Application to Version 3.10.7 or later. Update UniFi Connect EV Station to Version 1.2.15 or later. Update UniFi Connect EV Station Pro to Version 1.2.15 or later. Update UniFi Connect Display to Version 1.11.348 or later. Update UniFi Connect Display Cast to Version 1.8.255 or later.

Related Vulnerabilities

CVE-2023-27272

LOW

CVSS:3.1(Low)

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.

CWE-5212023

CVE-2022-3376

LOW

CVSS:3.5(Low)

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.

CWE-5212022

CVE-2024-0347

LOW

CVSS:3.7(Low)

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signup_teacher.php. The manipulation of th...

CWE-5212024

CVE-2024-3735

MEDIUM

CVSS:3.7(Low)

A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Co...

CWE-5212024

CVE-2025-1341

MEDIUM

CVSS:3.7(Low)

A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an unknown part of the component Setting Handler. The manipulation leads to weak password requirements. It ...

CWE-5212025

CVE-2025-4534

MEDIUM

CVSS:3.7(Low)

A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A. This issue affects some unknown processing. The manipulation leads to weak password requirements. The a...

CWE-5212025