How severe is CVE-2024-33895?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2024-33895?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2024-33895

MEDIUM Year: 2024

CVSS v3 Score

6.6

Medium

Weakness Type

CWE-798

View all →

Vulnerability Description

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device.

CVE-2018-17771

MEDIUM

CVSS:6.6(Medium)

Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N.

CWE-7982018

CVE-2019-10851

MEDIUM

CVSS:6.5(Medium)

Computrols CBAS 18.0.0 has hard-coded encryption keys.

CWE-7982019

CVE-2019-11946

MEDIUM

CVSS:6.5(Medium)

A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-7982019

CVE-2019-6693

MEDIUM

CVSS:6.5(Medium)

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge o...

CWE-7982019

CVE-2020-27181

MEDIUM

CVSS:6.5(Medium)

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.

CWE-7982020

CVE-2020-8573

MEDIUM

CVSS:6.5(Medium)

The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upg...

CWE-7982020

CVE-2024-33895

Vulnerability Description

Related Vulnerabilities

CVE-2018-17771

CVE-2019-10851

CVE-2019-11946

CVE-2019-6693

CVE-2020-27181

CVE-2020-8573