Insufficient Technical Documentation in THREE R SOLUTION products - CVE-2024-22028
Published: January 16, 2024
Vulnerability identifier: #VU85428
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-22028
CWE-ID: CWE-1059
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: THREE R SOLUTION
Affected software:
3R-TMC01
3R-TMC02
3R-TMC03
3R-TMC04
3R-TMC05
3R-TMC06
3R-TMC01
3R-TMC02
3R-TMC03
3R-TMC04
3R-TMC05
3R-TMC06
Detailed vulnerability description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to insufficient technical documentation. An authenticated attacker with physical access can gain unauthorized access to sensitive information on the system.
How to mitigate CVE-2024-22028
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.