11 matches found
CVE-2024-45493
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate...
CVE-2024-45494
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...
CVE-2024-45495
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...
CVE-2024-45493
Summary: CVE-2024-45493 affects MSA FieldServer Gateway versions 5.0.0–6.5.2; a bypass allows an attacker to authenticate with an internal user account from the network, if password known. The issue is fixed in version 7.0.0. Affected product: MSA FieldServer Gateway (FieldServer Gateway) — Field...
CVE-2024-45494
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...
CVE-2024-45495
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...
CVE-2024-45495
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...
PT-2024-31662 · Unknown · Fieldserver Gateway
Name of the Vulnerable Software and Affected Versions: MSA FieldServer Gateway versions 5.0.0 through 6.5.2 Description: The issue allows cross-origin WebSocket hijacking. This means that an attacker can potentially hijack WebSocket connections from a different origin, which could lead to...
MSA Safety FieldServer Gateway 安全漏洞
MSA Safety FieldServer Gateway is a gateway product from MSA Safety USA. A security vulnerability exists in MSA Safety FieldServer Gateway versions 5.0.0 through 6.5.2, which stems from a vulnerability that allows cross-origin WebSocket hijacking...
CVE-2024-45495
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...
CVE-2024-45495
MSA FieldServer Gateway versions 5.0.0–6.5.2 are affected by a cross-origin WebSocket hijacking vulnerability. The issue affects the WebSocket handling in the Gateway, enabling cross-origin hijacking potentially leading to unauthorized connection control. Affected products are MSA FieldServer Gat...