Vulnerability Description
Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cyberpower | Powerpanel | <= 4.9.0 |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01Third Party AdvisoryUS Government Resource
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windowsProduct
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01Third Party AdvisoryUS Government Resource
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windowsProduct
FAQ
What is CVE-2024-32047?
CVE-2024-32047 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server.
How severe is CVE-2024-32047?
CVE-2024-32047 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-32047?
Check the references section above for vendor advisories and patch information. Affected products include: Cyberpower Powerpanel.