1. Home
  2. CVE Database
  3. CVE-2024-38426
MEDIUM · 5.4

CVE-2024-38426

While processing the authentication message in UE, improper authentication may lead to information disclosure.

Vulnerability Description

While processing the authentication message in UE, improper authentication may lead to information disclosure.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
Qualcomm315 5G Iot Firmware-
Qualcomm315 5G IotAll versions
Qualcomm9205 Lte Firmware-
Qualcomm9205 LteAll versions
QualcommAr8035 Firmware-
QualcommAr8035All versions
QualcommCsra6620 Firmware-
QualcommCsra6620All versions
QualcommCsra6640 Firmware-
QualcommCsra6640All versions
QualcommCsrb31024 Firmware-
QualcommCsrb31024All versions
QualcommFastconnect 6200 Firmware-
QualcommFastconnect 6200All versions
QualcommFastconnect 6700 Firmware-
QualcommFastconnect 6700All versions
QualcommFastconnect 6800 Firmware-
QualcommFastconnect 6800All versions
QualcommFastconnect 6900 Firmware-
QualcommFastconnect 6900All versions

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2024-38426?

CVE-2024-38426 is a vulnerability with a CVSS score of 5.4 (MEDIUM). While processing the authentication message in UE, improper authentication may lead to information disclosure.

How severe is CVE-2024-38426?

CVE-2024-38426 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-38426?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm 315 5G Iot Firmware, Qualcomm 315 5G Iot, Qualcomm 9205 Lte Firmware, Qualcomm 9205 Lte, Qualcomm Ar8035 Firmware.