GHSA-7wwr-h8cm-9jf7

Опубликовано: 10 фев. 2025

Источник: github

Github: Прошло ревью

CVSS3: 5.3

Описание

Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-4rcc-7pg7-f57f. This link is maintained to preserve external references.

Original Description

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-42513
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42513.pdf
https://github.com/OPCFoundation/UA-.NETStandard/tree/1.5.374.158

Пакеты

Наименование

OPCFoundation.NetStandard.Opc.Ua

nuget

Затронутые версииВерсия исправления

< 1.5.374.158

1.5.374.158

5.3 Medium

CVSS3

Дефекты

CWE-290

CWE-305

5.3 Medium

CVSS3

Дефекты

CWE-290

CWE-305