Untrusted Domains Vulnerability Affects ExacqVision Web Services
CVE-2024-32862

8.1HIGH

Key Information:

Vendor: Microsoft
Status: Exacqvision Web Service
Vendor: CVE Published:; 1 August 2024

Summary

In certain scenarios, ExacqVision Web Services fails to adequately safeguard against untrusted domains, potentially allowing attackers to exploit this weakness for unauthorized access or data exposure. This vulnerability can pose significant risks to organizations utilizing the affected services, as it compromises the integrity and security of the data managed through ExacqVision's infrastructure.

References

https://www.johnsoncontrols.com/trust-center/cybersecurit...

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 1, 2024