CVE-2024-37037

🗓️ 12 Jun 2024 16:50:09Reported by schneiderType

Improper Path Traversal allows authenticated user to corrupt file

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-37037	17 Apr 202510:00	–	circl
CNNVD	Schneider Electric SAGE RTUs Path Traversal Vulnerability	12 Jun 202400:00	–	cnnvd
CVE	CVE-2024-37037	12 Jun 202416:50	–	cve
EUVD	EUVD-2024-36404	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Schneider Electric Sage RTU systems	11 Jun 202411:33	–	ncsc
NVD	CVE-2024-37037	12 Jun 202417:15	–	nvd
Positive Technologies	PT-2024-4181 · Schneider Electric · Schneider Electric Sage	11 Jun 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-37037	12 Jun 202416:50	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1410",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1430",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1450",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 2400",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 3030 Magnum",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 4400",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

12 Jun 2024 16:50Current

CVSS 3.18.1

EPSS0.00941

CWE-22