Lucene search

[email protected]NVD:CVE-2024-8752

HistorySep 16, 2024 - 4:15 p.m.

CVE-2024-8752

2024-09-1616:15:14

CWE-22

[email protected]

web.nvd.nist.gov

windows version

webiq 2.15.9

directory traversal

remote attackers

read file

system

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

71.6%

JSON

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.

Affected configurations

Nvd

Node

smart-hmiwebiqMatch2.15.9

AND

microsoftwindowsMatch-

VendorProductVersionCPE
smart-hmiwebiq2.15.9cpe:2.3:a:smart-hmi:webiq:2.15.9:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
smart-hmi	webiq	2.15.9	cpe:2.3:a:smart-hmi:webiq:2.15.9:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

www.tenable.com/security/research/tra-2024-38

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

71.6%

JSON

Related for NVD:CVE-2024-8752

vulnrichment1 cvelist1 cve1 openvas1