8.9
CVE-2024-7059
- EPSS 0.26%
- Veröffentlicht 05.11.2024 13:15:03
- Zuletzt bearbeitet 09.11.2024 23:15:13
- Quelle security@genetec.com
- CVE-Watchlists
- Unerledigt
A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellergenetec
≫
Produkt
security_center
Default Statusunaffected
Version <
5.8.2.1
Version
0
Status
affected
Version <
5.9.5.8
Version
5.9.0.0
Status
affected
Version <
5.10.4.23
Version
5.10.0.0
Status
affected
Version <
5.11.3.13
Version
5.11.0.0
Status
affected
Version <
5.12.1.3
Version
5.12.0.0
Status
affected
Version <
5.12.2.1
Version
5.12.2.0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.494 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@genetec.com | 8.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| security@genetec.com | 8 | 1.3 | 6 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.