admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/39xxx/CVE-2024-39815.json
CVE Team 7d6493b6f2
"-Synchronized-Data."
2024-08-08 20:00:35 +00:00

265 lines
11 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-39815",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper check or handling of exceptional conditions vulnerability \naffecting Vonets\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated \nremote attacker to cause a denial of service. A specially-crafted \nHTTP request to pre-authentication resources can crash the service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703",
"cweId": "CWE-703"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink