CVE-2024-8933
CVSS V2 None
CVSS V3 None
Description
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of
confidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the
logical network while a valid user uploads or downloads a project file into the controller.
Overview
- CVE ID
- CVE-2024-8933
- Assigner
- schneider
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-13T04:06:09.279Z
- Last Modified Date
- 2024-11-13T04:06:09.279Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-8933 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8933 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-13 13:13:13 | Added to TrackCVE |