CVE-2024-2420

LenelS2 NetBox access control and event monitoring system was discovered to containHardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
CarrierCNA
---
---
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01
https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01
https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf