CVE-2024-10511

Summary

CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricPowerChute Serial ShutdownVersions v1.2.0.301 and prioraffected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References