CVE-2024-8530

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Oct 11, 2024

Updated: Oct 15, 2024

CWE ID 306

Summary

CVE-2024-8530 is a newly identified vulnerability carrying a CWE-306 classification, namely "Missing Authentication for Critical Function." This issue puts private data at risk by allowing unauthorized access to "logcaptures" archives directly via HTTPS. The vulnerability arises when authentication fails to secure critical functions, potentially enabling unintended actors to retrieve sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Electric Data Center Expert
Data Center Expert

Affected Vendors

Schneider Electric

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/yZZt7j
https://www.cve.org/CVERecord?id=CVE-2024-8530
https://nvd.nist.gov/vuln/detail/CVE-2024-8530

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners