5.3
CVE-2024-21866
- EPSS 0.41%
- Veröffentlicht 02.02.2024 00:15:55
- Zuletzt bearbeitet 21.11.2024 08:55:08
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginGeneration of Error Message Containing Sensitive Information in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rapidscada ≫ Rapid Scada Version <= 5.8.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.326 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| ics-cert@hq.dhs.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.
https://rapidscada.org/contact/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-03