{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33617", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2026-03-23T13:15:49.382Z", "datePublished": "2026-04-02T09:00:10.713Z", "dateUpdated": "2026-04-03T17:21:51.783Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "mbCONNECT24", "vendor": "MB connect line", "versions": [{"lessThanOrEqual": "2.19.4", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "mymbCONNECT24", "vendor": "MB connect line", "versions": [{"lessThanOrEqual": "2.19.4", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Moritz Abrell, Christian Z\u00e4ske from SySS GmbH"}], "datePublic": "2026-04-02T09:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.<br>"}], "value": "An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-497", "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-04-02T09:00:17.434Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://certvde.com/de/advisories/VDE-2026-030"}, {"tags": ["vendor-advisory"], "url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json"}], "source": {"advisory": "VDE-2026-030", "defect": ["CERT@VDE#641994"], "discovery": "EXTERNAL"}, "title": "MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T17:21:45.412589Z", "id": "CVE-2026-33617", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T17:21:51.783Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33617", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T17:21:45.412589Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T17:21:48.380Z"}}], "cna": {"title": "MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint", "source": {"defect": ["CERT@VDE#641994"], "advisory": "VDE-2026-030", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Moritz Abrell, Christian Z\u00e4ske from SySS GmbH"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MB connect line", "product": "mbCONNECT24", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.4"}], "defaultStatus": "unaffected"}, {"vendor": "MB connect line", "product": "mymbCONNECT24", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.4"}], "defaultStatus": "unaffected"}], "datePublic": "2026-04-02T09:00:00.000Z", "references": [{"url": "https://certvde.com/de/advisories/VDE-2026-030", "tags": ["vendor-advisory"]}, {"url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.", "supportingMedia": [{"type": "text/html", "value": "An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-497", "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-04-02T09:00:17.434Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33617", "state": "PUBLISHED", "dateUpdated": "2026-04-03T17:21:51.783Z", "dateReserved": "2026-03-23T13:15:49.382Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2026-04-02T09:00:10.713Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF88F461-51FB-482C-A406-07F72FC10D79", "versionEndIncluding": "2.19.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*", "matchCriteriaId": "36E8693F-94C4-46A4-BD83-D87B71B89F12", "versionEndIncluding": "2.19.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials."}], "id": "CVE-2026-33617", "lastModified": "2026-04-16T15:40:56.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2026-04-02T10:16:17.260", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://certvde.com/de/advisories/VDE-2026-030"}, {"source": "info@cert.vde.com", "tags": ["Vendor Advisory"], "url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-497"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.4]"}}], "enrichment": {"confidence": 96.0, "confidence_source": "matching", "scores": [{"score": 96.0, "source": "matching"}]}, "original": {"product": "mbCONNECT24", "source": "cna", "vendor": "MB connect line"}, "product": "mbconnect24", "vendor": "mbconnectline"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.4]"}}], "enrichment": {"confidence": 96.0, "confidence_source": "matching", "scores": [{"score": 96.0, "source": "matching"}]}, "original": {"product": "mymbCONNECT24", "source": "cna", "vendor": "MB connect line"}, "product": "mymbconnect24", "vendor": "mbconnectline"}], "analysis": {"en": {"generated_at": "2026-04-02T10:20:43.978259+00:00", "value": {"mitigation_remediation": ["Verify if the vendor has released a patch or update and apply it immediately", "Restrict access to the configuration files and the data24 Endpoint to authorized users only", "Check the vendor\u2019s website or support channels for any advisory or guidance", "Consider disabling or limiting directory listing and other features that expose configuration information"], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts MB connect line products: mbCONNECT24 and mymbCONNECT24. No specific version range is documented, so the issue should be considered to affect all current and older releases of these products until a patch is issued.", "description_and_impact": "An unauthenticated remote attacker can read a configuration file that contains database credentials, resulting in a partial loss of confidentiality. The attack does not grant use of the credentials, but exposure of those secrets can still lead to data privacy concerns. The weakness is identified as CWE-497 (Insecure Interface Design).", "risk_and_exploitability": "The CVSS score of 5.3 indicates a moderate severity vulnerability. EPSS data is unavailable and the issue is not listed in the CISA KEV catalog, suggesting no confirmed widespread exploitation yet. The attack vector is inferred to be remote and unauthenticated, leveraging the data24 Endpoint exposed by the affected application. The lack of a known exploit path and the moderate CVSS score imply that while the risk is present, immediate widespread exploitation is unlikely, but remediation is still recommended."}}}}, "created": "2026-04-02T20:12:56.639449+00:00", "updated": "2026-04-02T20:21:36.012465+00:00", "vendors": ["mbconnectline", "mbconnectline$PRODUCT$mbconnect24", "mbconnectline$PRODUCT$mymbconnect24"]}