CVE-2024-2420

Summary

LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements.

Affected Software

VendorProductVersion RangeStatus
LenelS2NetBoxAll <= 5.6.1affected

Weaknesses

  • CWE-259: CWE-259 Use of Hardcoded Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References