CVE-2024-13416 MEDIUM

CVE-2024-13416

Vendor 2N
Product 2N OS
Weakness CWE-532 · Sensitive info in logs
Published February 6, 2025
Last update January 9, 2026

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log. 2N has released an updated version 2.46 of 2N OS, where this vulnerability is mitigated. It is recommended that all customers update their devices to the latest 2N OS.

Key dates

02Disclosure timeline

February 6, 2025 CVE published
January 9, 2026 Record updated