An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
History

Thu, 17 Oct 2024 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Helmholz myrex24 V2 Virtual Server
Helmholz rex 200
Helmholz rex 200 Firmware
Helmholz rex 250
Helmholz rex 250 Firmware
Helmholz rex 300
Helmholz rex 300 Firmware
Mbconnectline mbnet
Mbconnectline mbnet.rokey
Mbconnectline mbnet.rokey Firmware
Mbconnectline mbnet Firmware
Mbconnectline mbnet Hw1
Mbconnectline mbnet Hw1 Firmware
Mbconnectline mbspider Mdh 905
Mbconnectline mbspider Mdh 905 Firmware
Mbconnectline mbspider Mdh 906
Mbconnectline mbspider Mdh 906 Firmware
Mbconnectline mbspider Mdh 915
Mbconnectline mbspider Mdh 915 Firmware
Mbconnectline mbspider Mdh 916
Mbconnectline mbspider Mdh 916 Firmware
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:helmholz:myrex24_v2_virtual_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:h:helmholz:rex_200:-:*:*:*:*:*:*:*
cpe:2.3:h:helmholz:rex_250:-:*:*:*:*:*:*:*
cpe:2.3:h:helmholz:rex_300:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.rokey:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet_hw1:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbspider_mdh_905:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbspider_mdh_906:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbspider_mdh_915:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbspider_mdh_916:-:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbnet.rokey_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbnet_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbnet_hw1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbspider_mdh_905_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbspider_mdh_906_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbspider_mdh_915_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbspider_mdh_916_firmware:*:*:*:*:*:*:*:*
Vendors & Products Helmholz myrex24 V2 Virtual Server
Helmholz rex 200
Helmholz rex 200 Firmware
Helmholz rex 250
Helmholz rex 250 Firmware
Helmholz rex 300
Helmholz rex 300 Firmware
Mbconnectline mbnet
Mbconnectline mbnet.rokey
Mbconnectline mbnet.rokey Firmware
Mbconnectline mbnet Firmware
Mbconnectline mbnet Hw1
Mbconnectline mbnet Hw1 Firmware
Mbconnectline mbspider Mdh 905
Mbconnectline mbspider Mdh 905 Firmware
Mbconnectline mbspider Mdh 906
Mbconnectline mbspider Mdh 906 Firmware
Mbconnectline mbspider Mdh 915
Mbconnectline mbspider Mdh 915 Firmware
Mbconnectline mbspider Mdh 916
Mbconnectline mbspider Mdh 916 Firmware

Tue, 15 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Helmholz
Helmholz myrex24.virtual
Helmholz myrex24 V2
Mbconnectline
Mbconnectline mbconnect24
Mbconnectline mymbconnect24
CPEs cpe:2.3:a:helmholz:myrex24.virtual:*:*:*:*:*:*:*:*
cpe:2.3:a:helmholz:myrex24_v2:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mbconnect24:-:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:-:*:*:*:*:*:*:*
Vendors & Products Helmholz
Helmholz myrex24.virtual
Helmholz myrex24 V2
Mbconnectline
Mbconnectline mbconnect24
Mbconnectline mymbconnect24
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Oct 2024 10:45:00 +0000

Type Values Removed Values Added
Description An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
Title MB connect line/Helmholz: Generation of weak passwords vulnerability
Weaknesses CWE-1391
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-10-15T10:27:32.688Z

Updated: 2024-10-16T17:36:22.123Z

Reserved: 2024-08-26T09:19:01.266Z

Link: CVE-2024-45272

cve-icon Vulnrichment

Updated: 2024-10-16T17:36:22.123Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-15T11:15:11.673

Modified: 2024-10-17T17:42:42.197

Link: CVE-2024-45272

cve-icon Redhat

No data.