Lucene search
JciVULNRICHMENT:CVE-2024-32863HistoryAug 01, 2024 - 8:59 p.m.
CVE-2024-32863 exacqVison - CSRF issues with Web Service
2024-08-0120:59:34
CWE-352
jci
github.com
4
cve-2024-32863
exacqvision
csrf
web service
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
24.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
CNA Affected
[
{
"vendor": "Johnson Controls",
"product": "exacqVision",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "affected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"vendor": "johnsoncontrols",
"product": "exacqvision_web_service",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-32863
2024-08-01 21:15:26
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
cve
cve
CVE-2024-32863
2024-08-01 21:15:26
cvelist
cvelist
CVE-2024-32863 exacqVison - CSRF issues with Web Service
2024-08-01 20:59:34
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
24.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-32863