← volver
CVE-2024-31414

CVE-2024-31414

CVSS 6.7 MEDIUMEPSS 0.3%CWE-79
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.7EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 sep 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sanitization on the server-side, which could lead to injection and execution of malicious scripts when abused by bad actors.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Eaton · Foreseer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf