ByteOS Network

CVE Vulnerability Details :

CVE-2024-10534

PUBLISHED

More Info Official Page

Assigner-TR-CERT

Assigner Org ID-ca940d4e-fea4-4aa2-9a58-591a58b1ce21

Published At-15 Nov, 2024 | 11:02

Updated At-15 Nov, 2024 | 17:32

▼CVE Numbering Authority (CNA)

Improper Access Control in Dataprom Informatics' PACS-ACSS

Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection.This issue affects Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS): before 2024.

Affected Products

Vendor

Dataprom Informatics

Product

Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS)

Default Status

unaffected

Versions

Affected

From 0 before 2024 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-346	CWE-346 Origin Validation Error

Type: CWE

CWE ID: CWE-346

Description: CWE-346 Origin Validation Error

Metrics

Version	Base score	Base severity	Vector
4.0	8.6	HIGH	CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Version: 4.0

Base score: 8.6

Base severity: HIGH

Vector:

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Impacts

CAPEC ID	Description
CAPEC-594	CAPEC-594 Traffic Injection

CAPEC ID: CAPEC-594

Description: CAPEC-594 Traffic Injection

Credits

finder

Yusuf Kamil CAVUSOGLU

sponsor

Havelsan Inc.

References

Hyperlink	Resource
https://www.usom.gov.tr/bildirim/tr-24-1856	N/A

Hyperlink: https://www.usom.gov.tr/bildirim/tr-24-1856

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Vendor

dataprom_informatics

Product

personnel_attendance_control_systems

CPEs

cpe:2.3:a:dataprom_informatics:personnel_attendance_control_systems:*:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 before 2024 (custom)

Vendor

dataprom_informatics

Product

access_control_security_systems

CPEs

cpe:2.3:a:dataprom_informatics:access_control_security_systems:*:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 before 2024 (custom)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Affected

Affected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References