GHSA-qv5f-57gw-vx3h

Опубликовано: 10 фев. 2025

Источник: github

Github: Прошло ревью

CVSS3: 8.6

Описание

Duplicate Advisory: Authorization Bypass in OPC UA .NET Standard Stack

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-h958-fxgg-g7w3. This link is maintained to preserve external references.

Original Description

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-42512
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42512.pdf

Пакеты

Наименование

OPCFoundation.NetStandard.Opc.Ua

nuget

Затронутые версииВерсия исправления

< 1.5.374.158

1.5.374.158

8.6 High

CVSS3

Дефекты

CWE-208

CWE-639

8.6 High

CVSS3

Дефекты

CWE-208

CWE-639