CVE-2024-3543
LoadMaster Reversible Password Encryption Algorithm
Severity Score
6.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system.
El uso de un algoritmo de cifrado de contraseña reversible permite a los atacantes descifrar contraseñas. El atacante puede descifrar fácilmente la información confidencial y las credenciales robadas pueden usarse para acciones arbitrarias que corrompan el sistema.
*Credits:
Agenzia per la Cybersicurezza Nazionale (ACN)
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-04-09 CVE Reserved
- 2024-05-02 CVE Published
- 2024-05-03 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-257: Storing Passwords in a Recoverable Format
CAPEC
- CAPEC-37: Retrieve Embedded Sensitive Data
References (2)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Progress Software Corporation Search vendor "Progress Software Corporation" | LoadMaster Search vendor "Progress Software Corporation" for product "LoadMaster" | < 7.2.59.4 Search vendor "Progress Software Corporation" for product "LoadMaster" and version " < 7.2.59.4" | en |
Affected
| ||||||
| Progress Software Corporation Search vendor "Progress Software Corporation" | LoadMaster Search vendor "Progress Software Corporation" for product "LoadMaster" | < 7.2.54.10 Search vendor "Progress Software Corporation" for product "LoadMaster" and version " < 7.2.54.10" | en |
Affected
| ||||||
| Progress Software Corporation Search vendor "Progress Software Corporation" | LoadMaster Search vendor "Progress Software Corporation" for product "LoadMaster" | < 7.2.48.12 Search vendor "Progress Software Corporation" for product "LoadMaster" and version " < 7.2.48.12" | en |
Affected
| ||||||