Lucene search
NCSC.chCVELIST:CVE-2024-2161HistoryMar 21, 2024 - 6:00 a.m.
CVE-2024-2161 Use of Hard-coded Credentials in Kiloview NDI N series products API middleware
2024-03-2106:00:17
CWE-798
NCSC.ch
www.cve.org
cve-2024-2161
unauthenticated bypass
firmware update
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0
Percentile
10.3%
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affectsย Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware versionย 2.02.0227 .
CNA Affected
[
{
"defaultStatus": "affected",
"product": "NDI",
"vendor": "Kiloview",
"versions": [
{
"status": "unaffected",
"version": "N3 Firmware 2.02.0227"
},
{
"status": "unaffected",
"version": "N3-s Firmware 2.02.0227"
},
{
"status": "unaffected",
"version": "N4 Firmware 2.02.0227"
},
{
"status": "unaffected",
"version": "N20 Firmware 2.02.0227"
},
{
"status": "unaffected",
"version": "N30 Firmware 2.02.0227"
},
{
"status": "unaffected",
"version": "N40 Firmware 2.02.0227"
}
]
}
]References
Related
nvd
nvd
CVE-2024-2161
2024-03-21 06:15:46
vulnrichment
vulnrichment
cve
cve
CVE-2024-2161
2024-03-21 06:15:46
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0
Percentile
10.3%
Related for CVELIST:CVE-2024-2161