Skip to main content

G5Dfr Firmware CVE-2024-22084

HIGH
Cleartext Storage of Sensitive Information (CWE-312)
2024-03-20 cve@mitre.org
7.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 20, 2024 - 05:15 cve.org
HIGH 7.5

DescriptionCVE.org

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files.

AnalysisAI

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-312. An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files. Affected products include: Elspec-Ltd G5Dfr Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-22081 CRITICAL
9.8 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated critical severity (CVSS

CVE-2024-22080 CRITICAL
9.8 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated critical severity (CVSS

CVE-2024-22078 HIGH
8.8 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated high severity (CVSS 8.8)

CVE-2024-22082 HIGH
7.5 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated high severity (CVSS 7.5)

CVE-2024-22079 HIGH
7.5 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated high severity (CVSS 7.5)

CVE-2024-22083 MEDIUM
6.5 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated medium severity (CVSS 6.

CVE-2024-22085 MEDIUM
6.2 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated medium severity (CVSS 6.

CVE-2024-22077 MEDIUM
5.3 Mar 20

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Rated medium severity (CVSS 5.

CVE-2025-59392 MEDIUM
6.8 Nov 06

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inser

CVE-2024-46603 HIGH
7.5 Jan 07

An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows att

CVE-2024-46602 HIGH
7.5 Jan 07

An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. Rated high severity (CVSS 7.5)

CVE-2024-46601 HIGH
7.5 Jan 07

Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Rated high

Share

CVE-2024-22084 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy