CVE-2024-51720

MEDIUM Year: 2024
CVSS v3 Score
4.8
Medium
Weakness Type
CWE-307
View all →

Vulnerability Description

An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially enroll an attacker-controlled device to the victim’s account and telephone number.

Related Vulnerabilities

CVE-2022-39314

MEDIUM
CVSS:4.8(Medium)

Kirby is a flat-file CMS. In versions prior to 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, Kirby is subject to user enumeration due to Improper Restriction of Excessive Authentication Attempts. This vulnera...

CWE-3072022

CVE-2025-3129

MEDIUM
CVSS:4.8(Medium)

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force.This issue affects Access code: from 0.0.0 before 2.0.4.

CWE-3072025

CVE-2019-5217

MEDIUM
CVSS:4.6(Medium)

There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions earlier than LON-AL00B9.0.1.150 (C00E61R1P8T8). An attacker could view the photos after a series of operation...

CWE-3072019

CVE-2019-5309

MEDIUM
CVSS:4.6(Medium)

Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of...

CWE-3072019

CVE-2022-25820

MEDIUM
CVSS:4.6(Medium)

A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.

CWE-3072022

CVE-2022-28386

MEDIUM
CVSS:4.6(Medium)

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout (e.g., requiring a reformat of the drive after 20 failed unlock attempts) does not work as speci...

CWE-3072022