Lucene search
JciCVE-2024-32931HistoryAug 01, 2024 - 10:15 p.m.
CVE-2024-32931
2024-08-0122:15:25
CWE-598
jci
web.nvd.nist.gov
24
exacqvision
web service
authentication tokens
communications
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
18.7%
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
Affected configurations
Node
johnsoncontrolsexacqvision_web_serviceRange≤24.03
| Vendor | Product | Version | CPE |
|---|---|---|---|
| johnsoncontrols | exacqvision_web_service | * | cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-32931
2024-08-01 22:15:25
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
cvelist
cvelist
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-01 21:18:07
vulnrichment
vulnrichment
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-01 21:18:07
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
18.7%
Related for CVE-2024-32931