CVE-2024-4601

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published May 7, 2024
CWE ID 287

Summary

CVE-2024-4601 is an incorrect authentication vulnerability that affects Socomec Net Vision version 7.20. This vulnerability allows attackers to perform a brute force attack on the application and recover a valid session, as the application uses a five-digit integer value for authentication. The base severity of this vulnerability is rated as MEDIUM, with a base score of 6.7. It has a high impact on integrity and confidentiality, but does not affect availability. The exploitability score is 1.4, indicating that it is relatively easy to exploit. There is no requirement for privileges or user interaction to exploit this vulnerability, and the attack vector is local. To remediate this vulnerability, Socomec Net Vision users should update to a patched version that addresses the authentication issue.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-4601 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options