Lucene search
JciVULNRICHMENT:CVE-2024-32931HistoryAug 01, 2024 - 9:18 p.m.
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-0121:18:07
CWE-598
jci
github.com
3
exacqvision
web service
token exposure
security issue
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
18.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
CNA Affected
[
{
"vendor": "Johnson Controls",
"product": "exacqVision",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "24.03"
}
],
"defaultStatus": "affected"
}
]Related
nvd
nvd
CVE-2024-32931
2024-08-01 22:15:25
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
cvelist
cvelist
CVE-2024-32931 exacqVison - Token Disclosed in URL
2024-08-01 21:18:07
cve
cve
CVE-2024-32931
2024-08-01 22:15:25
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
18.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-32931