How severe is CVE-2024-47256?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2024-47256?

This is classified as CWE-321, which is a common weakness in software security.

CVE-2024-47256

MEDIUM Year: 2024

CVSS v3 Score

6.0

Medium

Weakness Type

CWE-321

View all →

Vulnerability Description

Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to read hardcoded AES passphrase, which may be used for decryption of certain data within backup files of 2N Access Commander version 1.14 and older. 2N has released an updated version 3.3 of 2N Access Commander, where this vulnerability is mitigated. It is recommended that all customers update 2N Access Commander to the latest version.

CVE-2018-3825

MEDIUM

CVSS:5.9(Medium)

In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, ...

CWE-3212018

CVE-2020-28391

MEDIUM

CVSS:5.9(Medium)

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5....

CWE-3212020

CVE-2020-28395

MEDIUM

CVSS:5.9(Medium)

A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do no...

CWE-3212020

CVE-2023-39982

MEDIUM

CVSS:5.9(Medium)

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulne...

CWE-3212023

CVE-2024-1258

MEDIUM

CVSS:5.9(Medium)

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the compo...

CWE-3212024

CVE-2024-38314

MEDIUM

CVSS:5.9(Medium)

IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.

CWE-3212024

CVE-2024-47256

Vulnerability Description

Related Vulnerabilities

CVE-2018-3825

CVE-2020-28391

CVE-2020-28395

CVE-2023-39982

CVE-2024-1258

CVE-2024-38314