CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5624

Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://www.br-automation.com/fileadmin/SA24P2014_Multiple_vulnerabilities_in_BR_APROL.pdf-367290ae.pdf

Products affected by CVE-2024-5624

Br-Automation » Industrial Automation Aprol » Version: N/A

cpe:2.3:a:br-automation:industrial_automation_aprol:-
Br-Automation » Industrial Automation Aprol » Version: r4.2

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2
Br-Automation » Industrial Automation Aprol » Version: r4.2-01

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2-01
Br-Automation » Industrial Automation Aprol » Version: r4.2-03

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2-03
Br-Automation » Industrial Automation Aprol » Version: r4.2-05

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2-05
Br-Automation » Industrial Automation Aprol » Version: r4.2-07

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2-07
Br-Automation » Industrial Automation Aprol » Version: r4.2-07p3

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.2-07p3
Br-Automation » Industrial Automation Aprol » Version: r4.3-00p3

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.3-00p3
Br-Automation » Industrial Automation Aprol » Version: r4.4-00p3

cpe:2.3:a:br-automation:industrial_automation_aprol:r4.4-00p3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5624

Products

Pricing

Contact Us