2024-02-13 15:00:28 +00:00
{
"id" : "CVE-2024-1309" ,
"sourceIdentifier" : "psirt@honeywell.com" ,
"published" : "2024-02-13T14:15:46.463" ,
2024-03-20 15:04:07 +00:00
"lastModified" : "2024-03-19T21:15:07.570" ,
2024-02-13 17:00:28 +00:00
"vulnStatus" : "Awaiting Analysis" ,
2024-02-13 15:00:28 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.This issue affects Niagara Framework: before Niagara AX 3.8.1, before Niagara 4.1.\n\n"
2024-03-20 15:04:07 +00:00
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de consumo de recursos no controlado en Honeywell Niagara Framework en Windows, Linux y QNX permite la suplantaci\u00f3n de contenido. Este problema afecta a Niagara Framework: antes de Niagara AX 3.8.1, antes de Niagara 4.1."
2024-02-13 15:00:28 +00:00
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "psirt@honeywell.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 6.4
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 4.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "psirt@honeywell.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-400"
}
]
}
] ,
"references" : [
{
"url" : "https://process.honeywell.com" ,
"source" : "psirt@honeywell.com"
} ,
{
"url" : "https://www.honeywell.com/us/en/product-security" ,
"source" : "psirt@honeywell.com"
2024-03-20 15:04:07 +00:00
} ,
{
"url" : "https://www.kb.cert.org/vuls/id/417980" ,
"source" : "psirt@honeywell.com"
2024-02-13 15:00:28 +00:00
}
]
}
