exploitDog

CVE-2024-39287

Опубликовано: 08 авг. 2024

Источник: nvd

CVSS3: 5.3

CVSS3: 7.5

EPSS Низкий

Описание

Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys.

Ссылки

https://portal.dtscada.com/#/security-bulletins?bulletin=1
Vendor Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-24-221-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dorsettcontrols:infoscan:1.32:*:*:*:*:*:*:*

cpe:2.3:a:dorsettcontrols:infoscan:1.33:*:*:*:*:*:*:*

cpe:2.3:a:dorsettcontrols:infoscan:1.35:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00148

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-200

NVD-CWE-noinfo

Связанные уязвимости

GHSA-28pp-675x-rf35

CVSS3: 5.3

github

около 1 года назад

Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys.

EPSS

Процентиль: 36%

0.00148

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-200

NVD-CWE-noinfo