Products
goTenna Pro Series
Source
ics-cert@hq.dhs.gov
Tags
CVE-2024-47124 details
Published : Sept. 26, 2024, 6:15 p.m.
Last Modified : Sept. 26, 2024, 6:15 p.m.
Last Modified : Sept. 26, 2024, 6:15 p.m.
Description
The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal information about the users and can also be leveraged for other vulnerabilities.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-319 | Cleartext Transmission of Sensitive Information | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
References
| URL | Source |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 | ics-cert@hq.dhs.gov |
This website uses the NVD API, but is not approved or certified by it.