CVE-2024-39339

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-922
View all →

Vulnerability Description

A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used in Suzuki and Toyota cars. This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally identifiable information (PII). The exposure of such information may have serious implications for user privacy and system integrity.

Related Vulnerabilities

CVE-2019-12911

HIGH
CVSS:7.5(High)

Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application.

CWE-9222019

CVE-2019-12914

HIGH
CVSS:7.5(High)

Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application.

CWE-9222019

CVE-2019-20060

HIGH
CVSS:7.5(High)

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitiv...

CWE-9222019

CVE-2020-15775

HIGH
CVSS:7.5(High)

An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. The /usage page of Gradle Enterprise conveys high level build information such as project names and build counts over time. This page is...

CWE-9222020

CVE-2020-26104

HIGH
CVSS:7.5(High)

In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

CWE-9222020

CVE-2020-7000

HIGH
CVSS:7.5(High)

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the...

CWE-9222020