5.3
CVE-2024-0066
- EPSS 0.07%
- Veröffentlicht 18.06.2024 06:15:10
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle product-security@axis.com
- CVE-Watchlists
- Unerledigt
Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstelleraxis
≫
Produkt
axis_os_2020
Default Statusunaffected
Version
0
Version <
9.80.69
Status
affected
Herstelleraxis
≫
Produkt
axis_os_2022
Default Statusunaffected
Version
0
Version <
10.12.236
Status
affected
Herstelleraxis
≫
Produkt
axis_os
Default Statusunaffected
Version <=
11.9
Version
5.51
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.223 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| product-security@axis.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.