Lucene search
HistorySep 25, 2024 - 1:15 a.m.
CVE-2024-43692
attacker
privileges
direct request
progauge maglink lx console
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full privileges by requesting the URL directly.
Affected configurations
Node
doverfuelingsolutionsprogauge_maglink_lx_console_firmwareRange≤3.4.2.2.6
doverfuelingsolutionsprogauge_maglink_lx_consoleMatch-
Node
doverfuelingsolutionsprogauge_maglink_lx4_console_firmwareRange≤4.17.9e
doverfuelingsolutionsprogauge_maglink_lx4_consoleMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| doverfuelingsolutions | progauge_maglink_lx_console_firmware | * | cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx_console_firmware:*:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx_console | - | cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx_console:-:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx4_console_firmware | * | cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx4_console_firmware:*:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx4_console | - | cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx4_console:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
vulnrichment
vulnrichment
cve
cve
CVE-2024-43692
2024-09-25 01:15:43
ics
ics
Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE
2024-09-24 12:00:00
thn
thn
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
2024-09-30 11:55:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Related for NVD:CVE-2024-43692