CVE-2024-38883
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk33th percentile - higher than 33% of all known CVEs
Summary
A vulnerability in Horizon Business Services Inc. Caterease allows a remote attacker to perform a Drop Encryption Level attack by selecting a less-secure algorithm during negotiation. Affected versions range from 16.0.1.1663 to 24.0.1.2405 and possibly later.
Risk Assessment
An attacker can force the use of a weaker encryption algorithm, increasing the risk of interception and decryption of sensitive transmitted data.
Recommendation
Immediately update Caterease to the latest available version and contact the vendor for patch information.
Original NVD description (English source)
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

