CVE-2024-45272

Summary

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.

Affected Software

VendorProductVersion RangeStatus
MB connect linembCONNECT240.0.0 <= 2.16.2affected
MB connect linemymbCONNECT240.0.0 <= 2.16.2affected
HelmholzmyREX24 V20.0.0 <= 2.16.2affected
HelmholzmyREX24.virtual0.0.0 <= 2.16.2affected

Weaknesses

  • CWE-1391: CWE-1391: Use of Weak Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References