CVE-2024-41156
2.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Summary
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi Energy | TRO600 | 9.0.1.0 <= 9.2.0.0 | affected |
Weaknesses
- CWE-212: CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.