A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability
an attacker must have a valid credential.
References
Link | Resource |
---|---|
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Oct 2024, 15:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hitachienergy microscada Pro Sys600
|
|
CPE | cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf4:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf3:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf1:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf2:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf5:*:*:*:*:*:* |
|
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
29 Oct 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential. |
05 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-943 |
28 Aug 2024, 16:25
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:hitachienergy:microscada_x_sys600:*:*:*:*:*:*:*:* | |
First Time |
Hitachienergy microscada X Sys600
Hitachienergy |
|
References | () https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch - Vendor Advisory | |
Summary |
|
27 Aug 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-27 13:15
Updated : 2024-10-30 15:31
NVD link : CVE-2024-4872
Mitre link : CVE-2024-4872
CVE.ORG link : CVE-2024-4872
JSON object : View
Products Affected
hitachienergy
- microscada_x_sys600
- microscada_pro_sys600
CWE