Lucene search

[email protected]NVD:CVE-2024-47221

HistorySep 22, 2024 - 1:15 a.m.

CVE-2024-47221

2024-09-2201:15:12

CWE-521

[email protected]

web.nvd.nist.gov

cve-2024-47221

scadaserverengine

mainlogic

rapid scada

checkuser

empty password

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

18.5%

JSON

CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.

Affected configurations

Nvd

Node

rapidscadarapid_scadaRange≤5.8.4

VendorProductVersionCPE
rapidscadarapid_scada*cpe:2.3:a:rapidscada:rapid_scada:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rapidscada	rapid_scada	*	cpe:2.3:a:rapidscada:rapid_scada::::::::

References

github.com/RapidScada/scada/commit/b14cbdfa6cf3a205e57f2383c915365adc3859a7

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

18.5%

JSON

Related for NVD:CVE-2024-47221

vulnrichment1 cvelist1 osv1 cve1