CVE-2024-0556

Summary

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

Affected Software

VendorProductVersion RangeStatus
Full Compass SystemsWIC12001.1affected

Weaknesses

  • CWE-261: CWE-261: Weak Encoding for Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References