CVE-2024-3543
6.4
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Progress Software Corporation | LoadMaster | LoadMaster 7.2.55.0 (GA) < 7.2.59.4 | affected |
| Progress Software Corporation | LoadMaster | LoadMaster 7.2.49.0 (LTSF) < 7.2.54.10 | affected |
| Progress Software Corporation | LoadMaster | LoadMaster 7.2.48.11 (LTS) < 7.2.48.12 | affected |
Weaknesses
- CWE-257: CWE-257: Storing Passwords in a Recoverable Format
ADP Enrichment
CVE Program Container
Additional References
- https://kemptechnologies.com/
- https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://kemptechnologies.com/
- https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.