CVE-2024-4425 · CVEKit

cve.orgen

363 chars

The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain-text. An attacker who gained unauthorized access to the device can retrieve clear text passwords used by the system.This issue affects CemiPark software: 4.5, 4.7, 5.03 and potentially others. The vendor refused to provide the specific range of affected products.

NVDen

363 chars

The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain-text. An attacker who gained unauthorized access to the device can retrieve clear text passwords used by the system.This issue affects CemiPark software: 4.5, 4.7, 5.03 and potentially others. The vendor refused to provide the specific range of affected products.

NVDes

421 chars

El control de acceso en el software CemiPark almacena las credenciales de integración (por ejemplo, FTP o SIP) en texto plano. Un atacante que obtuvo acceso no autorizado al dispositivo puede recuperar las contraseñas de texto plano utilizadas por el sistema. Este problema afecta al software CemiPark: 4.5, 4.7, 5.03 y potencialmente a otros. El vendedor se negó a proporcionar la gama específica de productos afectados.

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
3.1	Primary	cve.org	5.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N