CVE-2024-22432

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 25, 2024

Updated: Feb 1, 2024

CWE ID 522

CWE ID 256

Summary

CVE-2024-22432 is a vulnerability affecting Networker 19.9 and earlier versions. During MySQL Database backups, a temporary config file containing plain-text passwords is generated. A low-privileged user with access to the Networker Client system could exploit this issue and gain access to the configured MySQL Database user credentials. The attacker may then utilize these exposed credentials to access the vulnerable application Database with the compromised account's privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uGNvtE
https://www.cve.org/CVERecord?id=CVE-2024-22432
https://nvd.nist.gov/vuln/detail/CVE-2024-22432

Back to Vulnerability Database

CVE-2024-22432

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations