CVE-2024-37039

CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*

History

25 Jul 2024, 20:21

Type Values Removed Values Added
CPE cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*
References () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-05.pdf - () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-05.pdf - Patch, Vendor Advisory
First Time Schneider-electric
Schneider-electric sage 4400
Schneider-electric sage 1410
Schneider-electric sage 2400
Schneider-electric sage 3030 Magnum
Schneider-electric sage 1450
Schneider-electric sage Rtu Firmware
Schneider-electric sage 1430
CVSS v2 : unknown
v3 : 5.9
v2 : unknown
v3 : 7.5

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) CWE-252: Existe una vulnerabilidad de valor de retorno no verificado que podría causar denegación de servicio del dispositivo cuando un atacante envía una solicitud HTTP especialmente manipulada.

12 Jun 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-12 17:15

Updated : 2024-07-25 20:21


NVD link : CVE-2024-37039

Mitre link : CVE-2024-37039

CVE.ORG link : CVE-2024-37039


JSON object : View

Products Affected

schneider-electric

  • sage_4400
  • sage_1430
  • sage_rtu_firmware
  • sage_3030_magnum
  • sage_2400
  • sage_1450
  • sage_1410
CWE
CWE-252

Unchecked Return Value