CVE-2024-47256
CVE-2024-47256
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
06 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to read hardcoded AES passphrase, which may be used for decryption of certain data within backup files of 2N Access Commander version 1.14 and older.
2N has released an updated version 3.3 of 2N Access Commander, where this vulnerability is mitigated. It is recommended that all customers update 2N Access Commander to the latest version.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Affected products
2N · 2N Access CommanderWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →