7 matches found
CVE-2024-11946
iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...
CVE-2024-11946
iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...
CVE-2024-11946
iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...
CVE-2024-11946 iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability
iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...
CVE-2024-11946 iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability
iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...
CVE-2024-11946
The CVE-2024-11946 entry concerns iXsystems TrueNAS CORE. The flaw exists in firmware update handling, caused by using an insecure protocol to deliver updates, enabling network-adjacent attackers to tamper with firmware update files on affected installations. Authentication is not required to exp...
CVE-2024-11946
creationtimestamp| type| source ---|---|--- 2024-12-06 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1644/ 2024-12-30 20:19:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113743623783771556 2024-12-30 22:39:24+00:00| seen| https://t.me/cvedetector/13965...