Lucene search

TR-CERTCVELIST:CVE-2024-3264

HistoryJun 24, 2024 - 12:45 p.m.

CVE-2024-3264 Broken or Risky Cryptographic Algorithm in Mia Technology's Mia-Med Health Aplication

2024-06-2412:45:13

CWE-327

TR-CERT

www.cve.org

cve-2024-3264

mia technology inc

signature spoofing

improper validation

mia-med health aplication

vulnerability

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Signature Spoofing by Improper Validation.This issue affects Mia-Med Health Aplication: before 1.0.14.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Mia-Med Health Aplication",
    "vendor": "Mia Technology Inc.",
    "versions": [
      {
        "lessThan": "1.0.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-24-0765

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVELIST:CVE-2024-3264