Vulnerability Details CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.1%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2024-24300
-
cpe:2.3:h:4ipnet:eap-767:*
-
cpe:2.3:o:4ipnet:eap-767_firmware:3.42.00