9.8
CVE-2024-39376
- EPSS 0.47%
- Veröffentlicht 27.06.2024 16:15:11
- Zuletzt bearbeitet 21.11.2024 09:27:33
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginImproper Access Control In TELSAT MarKoni FM Transmitter
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive information or performing actions beyond their designated permissions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Markoni ≫ Markoni-d (compact) Firmware Version < 2.0.1
Markoni ≫ Markoni-dh (exciter+amplifiers) Firmware Version < 2.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.47% | 0.368 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| ics-cert@hq.dhs.gov | 9.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-01