How severe is CVE-2024-7392?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2024-7392?

This is classified as CWE-410, which is a common weakness in software security.

CVE-2024-7392

MEDIUM Year: 2024

CVSS v3 Score

4.3

Medium

Weakness Type

CWE-410

View all →

Vulnerability Description

ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the connection handling of the Bluetooth Low Energy interface. The issue results from limiting the number of active connections to the product. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-21455.

CVE-2022-20937

MEDIUM

CVSS:5.3(Medium)

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an a...

CWE-4102022

CVE-2022-40224

MEDIUM

CVSS:5.3(Medium)

A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. ...

CWE-4102022

CVE-2023-7033

MEDIUM

CVSS:5.3(Medium)

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, ME...

CWE-4102023

CVE-2025-27694

MEDIUM

CVSS:5.3(Medium)

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability...

CWE-4102025

CVE-2021-1615

HIGH

CVSS:8.6(High)

A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a ...

CWE-4102021

CVE-2018-13815

HIGH

CVSS:7.5(High)

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a...

CWE-4102018

CVE-2024-7392

Vulnerability Description

Related Vulnerabilities

CVE-2022-20937

CVE-2022-40224

CVE-2023-7033

CVE-2025-27694

CVE-2021-1615

CVE-2018-13815