Lucene search

[email protected]NVD:CVE-2024-22388

HistoryFeb 06, 2024 - 11:15 p.m.

CVE-2024-22388

2024-02-0623:15:08

CWE-285

[email protected]

web.nvd.nist.gov

configuration

communication

sensitive data

credential

device administration keys

cve-2024-22388

encoders

reader configuration

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

Percentile

5.3%

JSON

Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.

Affected configurations

Nvd

Node

hidglobaliclass_se_cp1000_encoderMatch-

AND

hidglobaliclass_se_cp1000_encoder_firmware

Node

hidglobaliclass_se_readersMatch-

AND

hidglobaliclass_se_readers_firmware

Node

hidglobaliclass_se_reader_modulesMatch-

AND

hidglobaliclass_se_reader_modules_firmware

Node

hidglobaliclass_se_processorsMatch-

AND

hidglobaliclass_se_processors_firmware

Node

hidglobalomnikey_5427ckMatch-

AND

hidglobalomnikey_5427ck_firmware

Node

hidglobalomnikey_5127ckMatch-

AND

hidglobalomnikey_5127ck_firmware

Node

hidglobalomnikey_5023Match-

AND

hidglobalomnikey_5023_firmware

Node

hidglobalomnikey_5027Match-

AND

hidglobalomnikey_5027_firmware

VendorProductVersionCPE
hidglobaliclass_se_cp1000_encoder-cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:*:*:*:*:*:*:*
hidglobaliclass_se_cp1000_encoder_firmware*cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware:*:*:*:*:*:*:*:*
hidglobaliclass_se_readers-cpe:2.3:h:hidglobal:iclass_se_readers:-:*:*:*:*:*:*:*
hidglobaliclass_se_readers_firmware*cpe:2.3:o:hidglobal:iclass_se_readers_firmware:*:*:*:*:*:*:*:*
hidglobaliclass_se_reader_modules-cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:*:*:*:*:*:*:*
hidglobaliclass_se_reader_modules_firmware*cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware:*:*:*:*:*:*:*:*
hidglobaliclass_se_processors-cpe:2.3:h:hidglobal:iclass_se_processors:-:*:*:*:*:*:*:*
hidglobaliclass_se_processors_firmware*cpe:2.3:o:hidglobal:iclass_se_processors_firmware:*:*:*:*:*:*:*:*
hidglobalomnikey_5427ck-cpe:2.3:h:hidglobal:omnikey_5427ck:-:*:*:*:*:*:*:*
hidglobalomnikey_5427ck_firmware*cpe:2.3:o:hidglobal:omnikey_5427ck_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hidglobal	iclass_se_cp1000_encoder	-	cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:::::::*
hidglobal	iclass_se_cp1000_encoder_firmware	*	cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware::::::::
hidglobal	iclass_se_readers	-	cpe:2.3:h:hidglobal:iclass_se_readers:-:::::::*
hidglobal	iclass_se_readers_firmware	*	cpe:2.3:o:hidglobal:iclass_se_readers_firmware::::::::
hidglobal	iclass_se_reader_modules	-	cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:::::::*
hidglobal	iclass_se_reader_modules_firmware	*	cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware::::::::
hidglobal	iclass_se_processors	-	cpe:2.3:h:hidglobal:iclass_se_processors:-:::::::*
hidglobal	iclass_se_processors_firmware	*	cpe:2.3:o:hidglobal:iclass_se_processors_firmware::::::::
hidglobal	omnikey_5427ck	-	cpe:2.3:h:hidglobal:omnikey_5427ck:-:::::::*
hidglobal	omnikey_5427ck_firmware	*	cpe:2.3:o:hidglobal:omnikey_5427ck_firmware::::::::