{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51117?format=json","vulnerability_id":"VCID-pszd-fp9q-zucn","summary":"Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass.\n\nThis issue affects Pallium Vehicle Tracking: before 17.10.2024.","aliases":[{"alias":"CVE-2024-9334"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0044","reference_id":"tr-25-0044","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T14:12:18Z/"}],"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0044"},{"reference_url":"https://www.usom.gov.tr/bildirim/tr-25-0044","reference_id":"tr-25-0044","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T14:12:18Z/"}],"url":"https://www.usom.gov.tr/bildirim/tr-25-0044"}],"weaknesses":[{"cwe_id":798,"name":"Use of Hard-coded Credentials","description":"The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data."},{"cwe_id":921,"name":"Storage of Sensitive Data in a Mechanism without Access Control","description":"The product stores sensitive information in a file system or device that does not have built-in access control."}],"exploits":[],"severity_range_score":"8.2 - 8.2","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pszd-fp9q-zucn"}