CVE-2024-13967

Summary

This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT.

This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8.

Affected Software

VendorProductVersion RangeStatus
ABBEIBPORT V3 KNX0 <= 3.9.8affected
ABBEIBPORT V3 KNX GSM0 <= 3.9.8affected

Weaknesses

  • CWE-384: CWE-384 Session Fixation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References