Cyber Posture

CVE-2024-56902

Severity: High
Published: 03 February 2025
Modified: 15 April 2026
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.2649 (96.4th percentile)
Risk Priority: 31 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-56902 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 3.6% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AU-13 (Monitoring for Information Disclosure).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: IA-5 mandates protection of authenticators such as passwords from unauthorized disclosure and requires that they not be stored or transmitted in cleartext, directly preventing exposure of cleartext credentials in the web application.

prevent: AC-14 explicitly limits and authorizes the actions that can be performed without identification or authentication, preventing unauthenticated remote access to endpoints that disclose account information.

detect: AU-13 requires monitoring the system for unauthorized disclosures of sensitive information, enabling detection of exploitation attempts that retrieve cleartext passwords.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1552 Unsecured Credentials (Credential Access): Adversaries may search compromised systems to find and obtain insecurely stored credentials.

Why these techniques?

Direct remote exploitation of the public-facing web application (T1190) exposes cleartext credentials (T1552).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password.

Deeper analysis

CVE-2024-56902 is an information disclosure vulnerability in the Geovision GV-ASManager web application, affecting versions v6.1.0.0 and earlier. Classified under CWE-200, the issue enables the exposure of account information, including cleartext passwords. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with network accessibility and no prerequisites for authentication or user interaction.

A remote, unauthenticated attacker can exploit this vulnerability by accessing the affected web application over the network. Exploitation has low complexity and requires no user interaction, allowing the attacker to retrieve sensitive account details, such as usernames and cleartext passwords, which could facilitate unauthorized access to the GV-ASManager system or related resources.

Mitigation guidance and additional technical details are available in the advisory published on GitHub at https://github.com/DRAGOWN/CVE-2024-56902.

Details

CWE(s): CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

