CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

🗓️ 13 Aug 2024 16:41:03Reported by icscertType

Incorrect Permission Assignment in Ocean Data Systems Dream Report, CVE-2024-661

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the Dream Report production report and analysis software lies in the improper assignment of permissions, which allows attackers to increase their privileges and cause service failures.	15 Nov 202400:00	–	bdu_fstec
Circl	CVE-2024-6619	13 Aug 202420:27	–	circl
CVE	CVE-2024-6619	13 Aug 202416:41	–	cve
EUVD	EUVD-2024-47680	3 Oct 202520:07	–	euvd
ICS	Ocean Data Systems Dream Report	13 Aug 202406:00	–	ics
NVD	CVE-2024-6619	13 Aug 202417:15	–	nvd
Positive Technologies	PT-2024-8113 · Ocean Data Systems · Ocean Data Systems Dream Report	13 Aug 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-6619	23 May 202508:43	–	redhatcve
Vulnrichment	CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report	13 Aug 202416:41	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Dream Report 2023",
    "vendor": "Ocean Data Systems",
    "versions": [
      {
        "lessThanOrEqual": "23.0.17795.1010",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Reports for Operations 2023",
    "vendor": "AVEVA",
    "versions": [
      {
        "status": "affected",
        "version": "23.0.17795.1010"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-226-08

13 Aug 2024 16:41Current

CVSS 48.5

EPSS0.0011

CWE-732