How severe is CVE-2024-45165?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-45165?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2024-45165

MEDIUM Year: 2024

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-798

View all →

Vulnerability Description

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "(c)2007 UCI Software GmbH B.Boll" (without quotes). The key is both static and hardcoded. With access to messages, this results in message decryption and encryption by an attacker. Thus, it enables passive and active man-in-the-middle attacks.

CVE-2013-1603

MEDIUM

CVSS:5.3(Medium)

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-523...

CWE-7982013

CVE-2017-10616

MEDIUM

CVSS:5.3(Medium)

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior t...

CWE-7982017

CVE-2017-12709

MEDIUM

CVSS:5.3(Medium)

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, ...

CWE-7982017

CVE-2017-2720

MEDIUM

CVSS:5.3(Medium)

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increas...

CWE-7982017

CVE-2018-0329

MEDIUM

CVSS:5.3(Medium)

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote att...

CWE-7982018

CVE-2019-18831

MEDIUM

CVSS:5.3(Medium)

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

CWE-7982019

CVE-2024-45165

Vulnerability Description

Related Vulnerabilities

CVE-2013-1603

CVE-2017-10616

CVE-2017-12709

CVE-2017-2720

CVE-2018-0329

CVE-2019-18831