6.9
CVE-2024-2461
- EPSS 0.2%
- Veröffentlicht 11.06.2024 13:15:49
- Zuletzt bearbeitet 21.11.2024 09:09:48
- Quelle cybersecurity@hitachienergy.co
- CVE-Watchlists
- Unerledigt
If exploited an attacker could traverse the file system to access files or directories that would otherwise be inaccessible
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerHitachi Energy
≫
Produkt
FOX61x
Default Statusunaffected
Version <=
FOX61x R16B Revision E (cesm3_r16b04_02, cesne_r16b04_02 and f10ne_r16b04_02)
Version
0
Status
affected
Version
FOX61x R16B Revision G, version (cesm3_r16b04_07, cesne_r16b04_07, f10ne_r16b04_07)
Status
unaffected
Version
FOX61x R15B
Status
affected
Version
FOX61X R16B Revision G, (cesm3_r16b04_07, cesne_r16b04_07, f10ne_r16b04_07)
Status
unaffected
Version
FOX61x R16A
Status
affected
Version
FOX61x R15A
Status
affected
HerstellerHitachi Energy
≫
Produkt
XMC20
Default Statusunaffected
Version <=
XMC20 R16B Revision C (cent2_r16b04_02, co5ne_r16b04_02)
Version
0
Status
affected
Version
XMC20 R16B Revision D, version (cent2_r16b04_07, co5ne_r16b04_07)
Status
unaffected
Version
XMC20 R15B
Status
affected
Version
XMC20 R16B Revision D, version (cent2_r16b04_07, co5ne_r16b04_07)
Status
unaffected
Version
XMC20 R16A
Status
affected
Version
XMC20 R15A
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.423 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cybersecurity@hitachienergy.com | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-23 Relative Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.