CatoVULNRICHMENT:CVE-2024-6973CVE-2024-6973 Remote Code Execution in Cato Windows SDP client via crafted URLs
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
37.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Remote Code Execution in Cato Windows SDP client via crafted URLs.
This issue affects Windows SDP Client before 5.10.34.
CNA Affected
[
{
"vendor": "Cato Networks",
"product": "SDP Client",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "5.10.34",
"versionType": "custom"
}
],
"platforms": [
"Windows"
],
"defaultStatus": "unaffected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:catonetworks:sdp_client:*:*:*:*:*:*:*:*"
],
"vendor": "catonetworks",
"product": "sdp_client",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "5.10.34",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
37.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total