Brute Force Vulnerability in Socomec Net Vision Affects Version 7.20
CVE-2024-4601
6.7MEDIUM
What is CVE-2024-4601?
An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value.
Affected Version(s)
Net vision 7.20
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
J. Daniel Martinez (dan1t0)