Lucene search
JciVULNRICHMENT:CVE-2024-32864HistoryAug 01, 2024 - 9:08 p.m.
CVE-2024-32864 exacqVison - HTTPS Session Establishment
2024-08-0121:08:02
CWE-319
jci
github.com
4
exacqvision
web services
secure communications
CVSS3
6.4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
39.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
CNA Affected
[
{
"vendor": "Johnson Controls",
"product": "exacqVision",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "affected"
}
]Related
cve
cve
CVE-2024-32864
2024-08-01 21:15:27
cvelist
cvelist
CVE-2024-32864 exacqVison - HTTPS Session Establishment
2024-08-01 21:08:02
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
nvd
nvd
CVE-2024-32864
2024-08-01 21:15:27
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
6.4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
39.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-32864