Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:7 a.m.6 views

CVE-2024-45493

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate...

9.8CVSS7AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:51 a.m.5 views

CVE-2024-45494

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...

9.8CVSS7.4AI score0.00473EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:45 a.m.8 views

CVE-2024-45495

MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...

4.3CVSS7AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 5:15 p.m.25 views

CVE-2024-45493

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate...

9.8CVSS0.00448EPSS
Exploits0References2
NVD
NVD
added 2024/12/10 5:15 p.m.9 views

CVE-2024-45494

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...

9.8CVSS0.00473EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/10 12:0 a.m.21 views

CVE-2024-45493

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate...

0.00448EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.4 views

MSA Safety FieldServer 安全漏洞

MSA Safety FieldServer is a building automation solution from MSA Safety USA. A security vulnerability exists in MSA Safety FieldServer versions prior to 7.0.0, which stems from the fact that access to users inside the FieldServer gateway should be restricted to logging in locally on the device,...

9.8CVSS6.7AI score0.00448EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/10 12:0 a.m.9 views

CVE-2024-45494

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...

9.7AI score0.00473EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/10 12:0 a.m.12 views

CVE-2024-45494

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...

0.00473EPSS
Exploits0References2
CVE
CVE
added 2024/12/10 12:0 a.m.49 views

CVE-2024-45493

Summary: CVE-2024-45493 affects MSA FieldServer Gateway versions 5.0.0–6.5.2; a bypass allows an attacker to authenticate with an internal user account from the network, if password known. The issue is fixed in version 7.0.0. Affected product: MSA FieldServer Gateway (FieldServer Gateway) — Field...

9.8CVSS9.5AI score0.00448EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.2 views

MSA Safety FieldServer 安全漏洞

MSA Safety FieldServer is a building automation solution from MSA Safety USA. A security vulnerability exists in MSA Safety FieldServer versions prior to 7.0.0 that stems from the FieldServer gateway's authentication on all devices being implemented with an insecure shared key that is static acro...

9.8CVSS6.9AI score0.00473EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/10 12:0 a.m.7 views

CVE-2024-45493

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 Fixed in 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate...

9.5AI score0.00448EPSS
Exploits0References2
CVE
CVE
added 2024/12/10 12:0 a.m.54 views

CVE-2024-45494

The CVE affects MSA FieldServer Gateway versions 5.0.0–6.5.2 (fixed in 7.0.0). A shared administrative user on all devices uses an unsafe, static secret for authentication, enabling potential unauthorized admin access. The issue is described with high impact across confidentiality, integrity, and...

9.8CVSS9.7AI score0.00473EPSS
Exploits0References2
NVD
NVD
added 2024/11/29 5:15 a.m.24 views

CVE-2024-45495

MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...

4.3CVSS0.00179EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/29 12:0 a.m.6 views

PT-2024-31662 · Unknown · Fieldserver Gateway

Name of the Vulnerable Software and Affected Versions: MSA FieldServer Gateway versions 5.0.0 through 6.5.2 Description: The issue allows cross-origin WebSocket hijacking. This means that an attacker can potentially hijack WebSocket connections from a different origin, which could lead to...

4.3CVSS7.1AI score0.00179EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/29 12:0 a.m.5 views

MSA Safety FieldServer Gateway 安全漏洞

MSA Safety FieldServer Gateway is a gateway product from MSA Safety USA. A security vulnerability exists in MSA Safety FieldServer Gateway versions 5.0.0 through 6.5.2, which stems from a vulnerability that allows cross-origin WebSocket hijacking...

4.3CVSS6.8AI score0.00179EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.23 views

CVE-2024-45495

MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...

0.00179EPSS
Exploits0References2
CVE
CVE
added 2024/11/29 12:0 a.m.81 views

CVE-2024-45495

MSA FieldServer Gateway versions 5.0.0–6.5.2 are affected by a cross-origin WebSocket hijacking vulnerability. The issue affects the WebSocket handling in the Gateway, enabling cross-origin hijacking potentially leading to unauthorized connection control. Affected products are MSA FieldServer Gat...

4.3CVSS7AI score0.00179EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.14 views

CVE-2024-45495

MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking...

7.2AI score0.00179EPSS
Exploits0References2
Rows per page
Query Builder