CVE-2024-42348

CVSS 3.1 Score 9.3 of 10 (high)

Details

Published Aug 2, 2024

Updated: Aug 5, 2024

CWE ID 77

Summary

CVE-2024-42348 is a vulnerability affecting FOG, a cloning and imaging suite, as well as inventory management system. In versions 1.5.10.41.2 and prior, registering a computer on the FOG Server could result in the leakage of Active Directory (AD) usernames and passwords. This security issue has been resolved in subsequent versions 1.5.10.41.3 and 1.6.0-beta.1395. To mitigate potential risks, it is advised to update FOG Server installations as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FOG Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xWB_-n
https://www.cve.org/CVERecord?id=CVE-2024-42348
https://nvd.nist.gov/vuln/detail/CVE-2024-42348

Back to Vulnerability Database

CVE-2024-42348

CVSS 3.1 Score 9.3 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations