CVE-2024-4105

🗓️ 26 Jun 2024 05:25:04Reported by YokogawaGroupType

A vulnerability in FAST/TOOLS and CI Server allows execution of malicious scripts via reflected XSS when processing HTTP requests, potentially impacting client PCs with inadequate security measures

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2024-4105	26 Jun 202405:25	–	cvelist
EUVD	EUVD-2024-32667	3 Oct 202520:07	–	euvd
ICS	Yokogawa FAST/TOOLS and CI Server	27 Jun 202406:00	–	ics
NVD	CVE-2024-4105	26 Jun 202406:15	–	nvd
Vulnrichment	CVE-2024-4105	26 Jun 202405:25	–	vulnrichment

[
  {
    "defaultStatus": "unknown",
    "product": "FAST/TOOLS",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "lessThanOrEqual": "R10.04",
        "status": "affected",
        "version": "R9.01",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unknown",
    "product": "CI Server",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "lessThanOrEqual": "R1.03.00",
        "status": "affected",
        "version": "R1.01.00",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
web-material3	www.web-material3.yokogawa.com/1/36059/files/YSAR-24-0001-E.pdf

15 Apr 2026 00:35Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.15.8

EPSS0.00172

SSVC

CWE-79

vulnerability fast/tools ci server reflected xss security flaw http requests malicious scripts client pc product url affected products versions