Описание
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. These missing checks may result in information disclosure or remote code execution. This affects NI VeriStand 2024 Q2 and prior versions.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024 (включая)
Одно из
cpe:2.3:a:ni:veristand:*:*:*:*:*:*:*:*
cpe:2.3:a:ni:veristand:2024:q2:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.0154
Низкий
7.5 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 7.5
github
больше 1 года назад
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. These missing checks may result in information disclosure or remote code execution. This affects NI VeriStand 2024 Q2 and prior versions.
EPSS
Процентиль: 81%
0.0154
Низкий
7.5 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-862
CWE-862