Lucene search
CERTVDECVE-2024-6758HistoryAug 12, 2024 - 1:38 p.m.
CVE-2024-6758
2024-08-1213:38:40
CWE-269
CERTVDE
web.nvd.nist.gov
29
cve-2024-6758
sprecher automation sprecon-e
privilege management
remote attacker
unauthorized protection assignments
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
16.8%
Improper Privilege Managementย inย Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
Affected configurations
Node
sprecher-automationsprecon-e_cp-2500_firmwareRange<8.71j
sprecher-automationsprecon-e_cp-2500Match-
Node
sprecher-automationsprecon-e-p_dd6-2_firmwareRange<8.71j
sprecher-automationsprecon-e-p_dd6-2Match-
Node
sprecher-automationsprecon-e-c_firmwareRange<8.71j
sprecher-automationsprecon-e-cMatch-
Node
sprecher-automationsprecon-e_ap-2200_firmwareRange<8.71j
sprecher-automationsprecon-e_ap-2200Match-
Node
sprecher-automationsprecon-e_cp-2131_firmwareRange<8.71j
sprecher-automationsprecon-e_cp-2131Match-
Node
sprecher-automationsprecon-e_cp-2330_firmwareRange<8.71j
sprecher-automationsprecon-e_cp-2330Match-
Node
sprecher-automationsprecon-e-p_dq6-1_firmwareRange<8.71j
sprecher-automationsprecon-e-p_dq6-1Match-
Node
sprecher-automationsprecon-e-p_dl6-1_firmwareRange<8.71j
sprecher-automationsprecon-e-p_dl6-1Match-
Node
sprecher-automationsprecon-e-p_ds6-0_firmwareRange<8.71j
sprecher-automationsprecon-e-p_ds6-0Match-
Node
sprecher-automationsprecon-edir_firmwareRange<8.71j
sprecher-automationsprecon-edirMatch-
Node
sprecher-automationsprecon-e-t3_firmwareRange<8.71j
sprecher-automationsprecon-e-t3Match-
Node
sprecher-automationsprecon-e-t3_ax-3110_firmwareRange<8.71j
sprecher-automationsprecon-e-t3_ax-3110Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sprecher-automation | sprecon-e_cp-2500_firmware | * | cpe:2.3:o:sprecher-automation:sprecon-e_cp-2500_firmware:*:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e_cp-2500 | - | cpe:2.3:h:sprecher-automation:sprecon-e_cp-2500:-:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e-p_dd6-2_firmware | * | cpe:2.3:o:sprecher-automation:sprecon-e-p_dd6-2_firmware:*:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e-p_dd6-2 | - | cpe:2.3:h:sprecher-automation:sprecon-e-p_dd6-2:-:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e-c_firmware | * | cpe:2.3:o:sprecher-automation:sprecon-e-c_firmware:*:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e-c | - | cpe:2.3:h:sprecher-automation:sprecon-e-c:-:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e_ap-2200_firmware | * | cpe:2.3:o:sprecher-automation:sprecon-e_ap-2200_firmware:*:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e_ap-2200 | - | cpe:2.3:h:sprecher-automation:sprecon-e_ap-2200:-:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e_cp-2131_firmware | * | cpe:2.3:o:sprecher-automation:sprecon-e_cp-2131_firmware:*:*:*:*:*:*:*:* |
| sprecher-automation | sprecon-e_cp-2131 | - | cpe:2.3:h:sprecher-automation:sprecon-e_cp-2131:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SPRECON-E",
"vendor": "Sprecher Automation",
"versions": [
{
"lessThan": "< 8.71j",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-6758
2024-08-12 13:38:40
cvelist
cvelist
vulnrichment
vulnrichment
nessus
nessus
Sprecher Automation (CVE-2024-6758)
2024-08-13 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
16.8%
Related for CVE-2024-6758