CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-21870

A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.9%

CVSS Severity

CVSS v3 Score 4.9

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950

Products affected by CVE-2024-21870

Openautomationsoftware » Open Automation Software » Version: 19.0.0.57

cpe:2.3:a:openautomationsoftware:open_automation_software:19.0.0.57

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-21870

Products

Pricing

Contact Us