CVE-2024-39290
MEDIUMAIPHONE IX SYSTEM - Info Disclosure
Title source: llmDescription
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtain sensitive information such as a username and its password in the address book.
References (5)
Scores
CVSS v3
6.5
EPSS
0.0004
EPSS Percentile
12.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-522
Status
draft
Timeline
Published
Nov 22, 2024
Tracked Since
Feb 18, 2026