Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism.
These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://asrg.io/security-advisories/cve-2024-7746/ |
History
Thu, 22 Aug 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Traccar traccar
|
|
Weaknesses | CWE-287 | |
CPEs | cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:* | |
Vendors & Products |
Traccar traccar
|
|
Metrics |
cvssV3_1
|
Tue, 13 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Traccar
Traccar server |
|
CPEs | cpe:2.3:a:traccar:server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Traccar
Traccar server |
|
Metrics |
ssvc
|
Tue, 13 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | |
Title | Use of default credentials at Traccar fleet management solution | |
Weaknesses | CWE-1392 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: ASRG
Published: 2024-08-13T15:14:31.171Z
Updated: 2024-08-13T15:39:33.726Z
Reserved: 2024-08-13T15:04:28.586Z
Link: CVE-2024-7746
Vulnrichment
Updated: 2024-08-13T15:39:28.926Z
NVD
Status : Analyzed
Published: 2024-08-13T16:15:09.573
Modified: 2024-08-22T14:40:44.167
Link: CVE-2024-7746
Redhat
No data.