Lucene search
HistoryJun 12, 2024 - 5:15 p.m.
CVE-2024-37039
unchecked return value
denial of service
http request
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the
device when an attacker sends a specially crafted HTTP request.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
]
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-37039