CVE-2024-5557

CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:spacelogic_as-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:spacelogic_as-b:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:schneider-electric:spacelogic_as-p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:spacelogic_as-p:-:*:*:*:*:*:*:*

History

21 Nov 2024, 09:47

Type Values Removed Values Added
References () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf - Patch, Vendor Advisory () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf - Patch, Vendor Advisory

25 Jul 2024, 20:00

Type Values Removed Values Added
First Time Schneider-electric
Schneider-electric spacelogic As-b Firmware
Schneider-electric spacelogic As-p Firmware
Schneider-electric spacelogic As-b
Schneider-electric spacelogic As-p
References () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf - () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf - Patch, Vendor Advisory
CPE cpe:2.3:h:schneider-electric:spacelogic_as-p:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:spacelogic_as-b:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:spacelogic_as-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:spacelogic_as-p_firmware:*:*:*:*:*:*:*:*

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) CWE-532: Existe una vulnerabilidad de inserción de información confidencial en el archivo de registro que podría causar la exposición de las credenciales SNMP cuando un atacante tiene acceso a los registros del controlador.

12 Jun 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-12 17:15

Updated : 2024-11-21 09:47


NVD link : CVE-2024-5557

Mitre link : CVE-2024-5557

CVE.ORG link : CVE-2024-5557


JSON object : View

Products Affected

schneider-electric

  • spacelogic_as-b_firmware
  • spacelogic_as-p
  • spacelogic_as-b
  • spacelogic_as-p_firmware
CWE
CWE-532

Insertion of Sensitive Information into Log File