CVE-2024-2377
low-risk
Published 2024-04-30
A vulnerability exists in the too permissive HTTP response header web server settings of the SDM600. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information.
Do I need to act?
-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.6/10
High
ADJACENT_NETWORK
/ HIGH complexity
25
/ 100
low-risk
Severity
20/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal