CVE-2024-54013
8.7
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hanwha Vision | QND-8080R | 0 < 2.24.00 | affected |
Weaknesses
- CWE-306: CWE-306 Missing authentication for critical function
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.