CVE-2024-0556

Medium

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user…

INCIBE·CWE-261·Published 2024-01-16

CVSS

6.5

EPSS

0.00

KEV

Exploits

cve.orgen

294 chars

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

NVDen

294 chars

NVDes

320 chars

Se ha detectado una vulnerabilidad de criptografía débil para contraseñas en WIC200 que afecta a la versión 1.1. Esta vulnerabilidad permite a un usuario remoto interceptar el tráfico y recuperar las credenciales de otro usuario y decodificarlas en base64, lo que permite al atacante ver las credenciales en texto plano.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.1	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N