CVE-2024-41682

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Aug 13, 2024

Updated: Aug 14, 2024

CWE ID 307

Summary

CVE-2024-41682 is a newly identified vulnerability affecting the Location Intelligence family of products, with versions prior to V4.4 being vulnerable. This issue stems from insufficient enforcement of authentication attempt limitations. Consequently, an unauthenticated malicious actor can launch brute force attacks, targeting legitimate user passwords remotely. Successful exploitation of this vulnerability could lead to unauthorized access to the affected systems. Organizations using these affected products are advised to update to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xG9MoQ
https://www.cve.org/CVERecord?id=CVE-2024-41682
https://nvd.nist.gov/vuln/detail/CVE-2024-41682

Back to Vulnerability Database

CVE-2024-41682

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations