Lucene search
JpcertCVE-2024-31412HistoryMay 01, 2024 - 1:15 p.m.
CVE-2024-31412
2024-05-0113:15:52
CWE-125
jpcert
web.nvd.nist.gov
37
cx-programmer
out-of-bounds read
vulnerability
cx-one
information disclosure
product crash
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
9.0%
Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being crashed.
Affected configurations
Node
omroncx-programmerMatch9.81
| Vendor | Product | Version | CPE |
|---|---|---|---|
| omron | cx-programmer | 9.81 | cpe:2.3:a:omron:cx-programmer:9.81:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "OMRON Corporation",
"product": "CX-Programmer",
"versions": [
{
"version": "Included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower",
"status": "affected"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-31412
2024-05-01 12:52:13
cvelist
cvelist
CVE-2024-31412
2024-05-01 12:52:13
nvd
nvd
CVE-2024-31412
2024-05-01 13:15:52
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-31412