Lucene search
JciVULNRICHMENT:CVE-2024-32862HistoryAug 01, 2024 - 9:57 p.m.
CVE-2024-32862 exacqVision CORS
2024-08-0121:57:13
CWE-942
jci
github.com
2
cve-2024-32862
exacqvision
web services
cors
vulnerability
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
39.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
CNA Affected
[
{
"vendor": "Johnson Controls",
"product": "exacqVision",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "affected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"vendor": "johnsoncontrols",
"product": "exacqvision_web_service",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "affected"
}
]Related
cvelist
cvelist
CVE-2024-32862 exacqVision CORS
2024-08-01 21:57:13
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
nvd
nvd
CVE-2024-32862
2024-08-01 22:15:24
cve
cve
CVE-2024-32862
2024-08-01 22:15:24
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
39.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-32862