GHSA-36xj-gx8g-m5fr

Опубликовано: 26 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 6.5

Описание

The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-47130
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04

EPSS

Процентиль: 33%

0.00131

Низкий

8.7 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2024-47130

Дефекты

CWE-306

Связанные уязвимости

CVE-2024-47130

CVSS3: 8.8

nvd

больше 1 года назад

The goTenna Pro App allows unauthenticated attackers to remotely update the local public keys used for P2P and group messages. It is advised to update your app to the current release for enhanced encryption protocols.

EPSS

Процентиль: 33%

0.00131

Низкий

8.7 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2024-47130

Дефекты

CWE-306