CVE-2024-6122

Published Jul 22, 2024

Last updated 2 months ago

CVSS medium 5.5

Overview

Description: An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service.
Source: security@ni.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-276
security@ni.com: CWE-276

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ni:systemlink:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61E2B822-C1E9-4ED5-A6D1-FF569A414330",
            "versionEndIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:ni:systemlink:2024:q1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA70DCDA-FE97-42A2-B45E-33154D29B840"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ni:flexlogger:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D4CB33D-BB7C-4EBD-9E78-A9EDF952A7A6",
            "versionEndIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:ni:flexlogger:2023:q2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA33AE39-F976-4C56-9A4B-8932BC6855C9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References