How severe is CVE-2024-30209?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.6 out of 10.

What type of vulnerability is CVE-2024-30209?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2024-30209

CRITICAL Year: 2024

CVSS v3 Score

9.6

Critical

Weakness Type

CWE-319

View all →

Vulnerability Description

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected systems transmit client-side resources without proper cryptographic protection. This could allow an attacker to eavesdrop on and modify resources in transit. A successful exploit requires an attacker to be in the network path between the RTLS Locating Manager server and a client (MitM).

CVE-2016-5649

CRITICAL

CVSS:9.8(Critical)

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access...

CWE-3192016

CVE-2017-15999

CRITICAL

CVSS:9.8(Critical)

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an...

CWE-3192017

CVE-2018-11421

CRITICAL

CVSS:9.8(Critical)

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All infor...

CWE-3192018

CVE-2018-11422

CRITICAL

CVSS:9.8(Critical)

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All in...

CWE-3192018

CVE-2018-11749

CRITICAL

CVSS:9.8(Critical)

When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are sent via plaintext to the LDAP server. This affects Puppet Enterprise 2018.1.3, 2017.3.9, and 2016.4...

CWE-3192018

CVE-2018-1297

CRITICAL

CVSS:9.8(Critical)

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

CWE-3192018

CVE-2024-30209

Vulnerability Description

Related Vulnerabilities

CVE-2016-5649

CVE-2017-15999

CVE-2018-11421

CVE-2018-11422

CVE-2018-11749

CVE-2018-1297