CVE-2024-10774

Published Dec 6, 2024

Last updated 3 months ago

CVSS high 7.3

Overview

Description
Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication.
Source
psirt@sick.de
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.3
Impact score
3.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Severity
HIGH

Weaknesses

psirt@sick.de
CWE-306

Social media

Hype score
Not currently trending

  1. CVE-2024-10774 Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication. https://t.co/EcaBWEIki8

    @CVEnew

    6 Dec 2024

    245 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References