PT-2024-9567 · Ruijie · Ruijie Reyee Os
Published
2024-12-03
·
Updated
2024-12-10
·
CVE-2024-47043
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x
Description
The issue is related to insufficient storage of service data in the Ruijie Reyee OS, which could allow a remote attacker to correlate a device's serial number with the user's phone number and part of their email address.
Recommendations
For Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x, update to version 2.320.x or later to resolve the issue.
At the moment, there is no information about additional mitigation measures for this vulnerability.
Fix
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ruijie Reyee Os