CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-1302

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.00179/1

CVE-2024-1302: Information exposure vulnerability in Badger Meter Monitool allows attackers to access sensitive data. Specifically, a local attacker can exploit this vulnerability by manipulating the application's file parameter to access log files containing database credentials. With an SVRS of 30, this vulnerability is considered low risk, but should be monitored. Badger Meter Monitool versions up to 4.6.3 and earlier are affected. Although the CVSS score is 0, suggesting minimal immediate risk, the availability of active exploits and its presence "In The Wild" elevate the potential danger. Successful exploitation grants unauthorized access to critical database credentials, enabling further malicious activities. Mitigating this vulnerability is crucial to prevent potential data breaches and maintain system security. Applying the latest patches or updates is strongly recommended.

TAGS
In The Wild
Exploit Avaliable
VECTOR STRING
PUBLICATION DATE2024-03-12
LAST MODIFIED2024-03-12

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposurehttps://github.com/guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure2024-02-08
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Múltiples vulnerabilidades en Monitool de Badger Meter
2025-03-01
Múltiples vulnerabilidades en Monitool de Badger Meter | Multiple Vulnerabilities in Badger Meter's Monitool Wed, 02/07/2024 - 13:17 Aviso SCI Affected Resources Monitool, 4.6.3 version. Description INCIBE has coordinated the publication of 4 vulnerabilities
incibe.es
rss
forum
news

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-badger-meters-monitool

CWE Details

CWE IDCWE NameDescription
CWE-200Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence