CVE-2024-2420

CVSS V2 None CVSS V3 None

Description

LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements.

Overview

CVE ID
CVE-2024-2420

Assigner
Carrier

Vulnerability Status
PUBLISHED

Published Version
2024-05-30T17:22:06.344Z

Last Modified Date
2024-06-04T17:29:12.413Z

Weakness Enumerations

CWE	URL
CWE-259	http://cwe.mitre.org/data/definitions/259.html

References

Reference URL	Reference Tags
https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-2420
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2420

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 00:11:49				Added to TrackCVE