VYPR

CWE-419

Unprotected Primary Channel

BaseDraft

Description

The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-383

CVEs mapped to this weakness (6)

  • CVE-2024-50588CriNov 8, 2024
    risk 0.64cvss 9.8epss 0.01

    An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login credentials among other sensitive data. …

  • CVE-2024-2414HigMar 13, 2024
    risk 0.57cvss 8.8epss 0.00

    The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges.

  • CVE-2018-12539HigAug 14, 2018
    risk 0.51cvss 7.8epss 0.00

    In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled…

  • CVE-2024-3051HigApr 26, 2024
    risk 0.49cvss 7.5epss 0.00

    Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gateway during this time.

  • CVE-2024-39886LowJul 10, 2024
    risk 0.24cvss 3.7epss 0.00

    TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App.

  • CVE-2025-24030Jan 23, 2025
    risk 0.00cvss epss 0.00

    Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of…