CVE-2024-11308
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 321
Summary
CVE-2024-11308 is a vulnerability affecting the DVC tool from TRCore. The issue arises due to the use of a hardcoded key for file encryption. Malicious actors can exploit this weakness to decrypt the encrypted files, thereby gaining access to the original content. This vulnerability poses a significant risk to data security and confidentiality. Organizations using the DVC tool from TRCore are strongly advised to apply the necessary patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- DVC