CVE-2024-9040

CVSS 3.1 Score 2.3 of 10 (low)

Details

Published Sep 20, 2024
Updated: Sep 26, 2024
CWE ID 313

Summary

CVE-2024-9040 is a vulnerability discovered in the Blood Bank Management System 1.0, specifically affecting its Password Handler component. This flaw allows for cleartext storage of sensitive data on disk, which poses a potential confidentiality risk if exploited locally by an attacker with high privileges. The vulnerability has a low base severity score of 2.3 and requires local access to exploit, indicating that while the potential impact is limited, it remains a concern for organizations using this software. To remediate this issue, users are advised to update or patch their system to ensure that sensitive information is stored securely rather than in cleartext. For further details, resources can be found at VulDB.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share