exploitDog

CVE-2024-24976

Опубликовано: 03 апр. 2024

Источник: nvd

CVSS3: 4.9

EPSS Низкий

Описание

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1948

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openautomationsoftware:open_automation_software:19.0.0.57:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.0015

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-130

NVD-CWE-Other

Связанные уязвимости

GHSA-98w9-jqjv-x727

CVSS3: 4.9

github

почти 2 года назад

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.

EPSS

Процентиль: 36%

0.0015

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-130

NVD-CWE-Other