Brute Force Vulnerability in Socomec Net Vision Affects Version 7.20
CVE-2024-4601
6.7MEDIUM
Key Information
- Vendor
- Socomec
- Status
- Net Vision
- Vendor
- CVE Published:
- 7 May 2024
Summary
An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value.
Affected Version(s)
Net vision = 7.20
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability Reserved
Vulnerability published
Collectors
NVD DatabaseMitre Database
Credit
J. Daniel Martinez (dan1t0)