CVE-2024-3461

{"id": "CVE-2024-3461", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cvd@cert.pl", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-05-14T15:41:13.350", "references": [{"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459", "tags": ["Broken Link", "Third Party Advisory"], "source": "cvd@cert.pl"}, {"url": "https://cert.pl/posts/2024/04/CVE-2024-3459", "tags": ["Broken Link", "Third Party Advisory"], "source": "cvd@cert.pl"}, {"url": "https://www.kioware.com/", "tags": ["Product"], "source": "cvd@cert.pl"}, {"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert.pl/posts/2024/04/CVE-2024-3459", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.kioware.com/", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cvd@cert.pl", "description": [{"lang": "en", "value": "CWE-307"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "KioWare for Windows (versions all through 8.35)\u00a0allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.\n"}, {"lang": "es", "value": "KioWare para Windows (versiones hasta 8.35) permite forzar el n\u00famero PIN por fuerza bruta, lo que protege la aplicaci\u00f3n contra el cierre, ya que no existen mecanismos que impidan que un usuario adivine excesivamente el n\u00famero."}], "lastModified": "2025-02-12T15:37:59.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "FA48DE1E-8A39-439D-BE91-A8FA7E84C1D7", "versionEndIncluding": "8.35"}], "operator": "OR"}]}], "sourceIdentifier": "cvd@cert.pl"}