Products
Avtec Outpost
Source
ics-cert@hq.dhs.gov
Tags
CVE-2024-39776 details
Published : Aug. 22, 2024, 8:15 p.m.
Last Modified : Aug. 22, 2024, 8:15 p.m.
Last Modified : Aug. 22, 2024, 8:15 p.m.
Description
Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7.5 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-219 | Storage of File with Sensitive Data Under Web Root | The product stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
Base Score
7.5
Exploitability Score
3.9
Impact Score
3.6
Base Severity
HIGH
Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References
URL | Source |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04 | ics-cert@hq.dhs.gov |
This website uses the NVD API, but is not approved or certified by it.