Lucene search
JciCVE-2024-32863HistoryAug 01, 2024 - 9:15 p.m.
CVE-2024-32863
2024-08-0121:15:26
CWE-352
jci
web.nvd.nist.gov
24
exacqvision
web services
csrf
vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.7%
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
Affected configurations
Node
johnsoncontrolsexacqvision_web_serviceRange≤24.03
| Vendor | Product | Version | CPE |
|---|---|---|---|
| johnsoncontrols | exacqvision_web_service | * | cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-32863
2024-08-01 21:15:26
vulnrichment
vulnrichment
CVE-2024-32863 exacqVison - CSRF issues with Web Service
2024-08-01 20:59:34
ics
ics
Johnson Controls exacqVision Web Service
2024-08-01 12:00:00
cvelist
cvelist
CVE-2024-32863 exacqVison - CSRF issues with Web Service
2024-08-01 20:59:34
nessus
nessus
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
2024-08-09 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.7%
Related for CVE-2024-32863