Insufficient Technical Documentation in THREE R SOLUTION products - CVE-2024-22028
Published: January 16, 2024
Vulnerability identifier: #VU85428
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-22028
CWE-ID: CWE-1059
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
3R-TMC01
3R-TMC02
3R-TMC03
3R-TMC04
3R-TMC05
3R-TMC06
3R-TMC01
3R-TMC02
3R-TMC03
3R-TMC04
3R-TMC05
3R-TMC06
Software vendor:
THREE R SOLUTION
THREE R SOLUTION
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to insufficient technical documentation. An authenticated attacker with physical access can gain unauthorized access to sensitive information on the system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.