Weak Encoding for Password

CVE-2024-52334

Medium

6.3/10

Summary

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-261 - Weak Encoding for Password

Obscuring a password with a trivial encoding does not protect the password.

References

Advisory Timeline

Published Feb 10, 2026

Weak Encoding for Password

CVE-2024-52334

Summary

CWE-261 - Weak Encoding for Password

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS