Lucene search
JciCVELIST:CVE-2024-32931HistoryAug 01, 2024 - 9:18 p.m.
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-0121:18:07
CWE-598
jci
www.cve.org
2
exacqvision
web service
authentication
token
expose
cve-2024-32931
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
18.7%
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-32931
2024-08-01 22:15:25
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
vulnrichment
vulnrichment
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-01 21:18:07
cve
cve
CVE-2024-32931
2024-08-01 22:15:25
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
18.7%
Related for CVELIST:CVE-2024-32931