The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.
History

Thu, 17 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Elvaco
Elvaco cme3100 Firmware
CPEs cpe:2.3:o:elvaco:cme3100_firmware:1.12.1:*:*:*:*:*:*:*
Vendors & Products Elvaco
Elvaco cme3100 Firmware
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 17 Oct 2024 16:30:00 +0000

Type Values Removed Values Added
Description The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.
Title Insufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100
Weaknesses CWE-522
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-10-17T16:12:21.215Z

Updated: 2024-10-17T17:51:54.610Z

Reserved: 2024-10-14T22:56:08.989Z

Link: CVE-2024-49396

cve-icon Vulnrichment

Updated: 2024-10-17T16:57:58.731Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-17T17:15:12.467

Modified: 2024-10-18T12:52:33.507

Link: CVE-2024-49396

cve-icon Redhat

No data.