CVE-2024-12057 (GCVE-0-2024-12057)
Vulnerability from cvelistv5 – Published: 2024-12-09 19:08 – Updated: 2025-03-21 15:55
VLAI?
Summary
User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.
By exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12057",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T21:22:40.386531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:22:49.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Server Extensions"
],
"product": "PcVue",
"vendor": "arcinfo",
"versions": [
{
"lessThan": "16.2.4",
"status": "affected",
"version": "16.0.0",
"versionType": "cpe"
},
{
"lessThan": "15.2.11",
"status": "affected",
"version": "15.0.0",
"versionType": "cpe"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Only servers where the Web \u0026amp; Mobile features are deployed are affected.\u003cbr\u003eThe PcVue Web back end and the Web Server must run different versions."
}
],
"value": "Only servers where the Web \u0026 Mobile features are deployed are affected.\nThe PcVue Web back end and the Web Server must run different versions."
}
],
"datePublic": "2024-12-02T23:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "User credentials (login \u0026amp; password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\u003cbr\u003eBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application."
}
],
"value": "User credentials (login \u0026 password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No POC available."
}
],
"value": "No POC available."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Not known to be exploited"
}
],
"value": "Not known to be exploited"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 1.8,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"providerUrgency": "CLEAR",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Clear",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T15:55:47.995Z",
"orgId": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932",
"shortName": "arcinfo"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.pcvue.com/security/#SB2024-6"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cu\u003eUninstall the Web Server\u003cbr\u003e\u003c/u\u003e\u003c/b\u003eIf your system does not require the use of the Web \u0026amp; Mobile features, you should make sure not to install them. \u003cbr\u003e\u003cb\u003e\u003cu\u003e\u003cbr\u003eRe-deploy the Web Server:\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eRe-deploy the Web Server with the Web Deployment Console (WDC) provided with the PcVue Web back end installation so that the PcVue Web back end and the Web server run the same version.\u003cbr\u003e\u003cbr\u003e\n\n\u003cb\u003e\u003cu\u003eUpdate the PcVue Web back end\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eInstall a patched release of the product, including the Web back end and Web Deployment Console (WDC) and use the WDC to re-deploy the Web Server. In case of future updates, credentials will no longer be inserted into the Log files even if the PcVue back end and the Web server are incompatible.\u003cbr\u003e\u003cbr\u003e\u003cb\u003e\u003cu\u003eAvailable patches:\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eFixed in:\u003cbr\u003e\u003cul\u003e\u003cli\u003e16.2.4\u003c/li\u003e\u003cli\u003e15.2.11\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Uninstall the Web Server\nIf your system does not require the use of the Web \u0026 Mobile features, you should make sure not to install them. \n\nRe-deploy the Web Server:\nRe-deploy the Web Server with the Web Deployment Console (WDC) provided with the PcVue Web back end installation so that the PcVue Web back end and the Web server run the same version.\n\n\n\nUpdate the PcVue Web back end\nInstall a patched release of the product, including the Web back end and Web Deployment Console (WDC) and use the WDC to re-deploy the Web Server. In case of future updates, credentials will no longer be inserted into the Log files even if the PcVue back end and the Web server are incompatible.\n\nAvailable patches:\nFixed in:\n * 16.2.4\n * 15.2.11"
}
],
"source": {
"advisory": "SB2024-6",
"discovery": "EXTERNAL"
},
"title": "User credentials recorded in log files",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932",
"assignerShortName": "arcinfo",
"cveId": "CVE-2024-12057",
"datePublished": "2024-12-09T19:08:15.527Z",
"dateReserved": "2024-12-02T19:57:23.640Z",
"dateUpdated": "2025-03-21T15:55:47.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"User credentials (login \u0026 password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\\nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.\"}, {\"lang\": \"es\", \"value\": \"Las credenciales de usuario (nombre de usuario y contrase\\u00f1a) se insertan en los archivos de registro cuando un usuario intenta autenticarse utilizando una versi\\u00f3n de un cliente web que no es compatible con la del back end web de PcVue. Al explotar esta vulnerabilidad, un atacante podr\\u00eda recuperar las credenciales de un usuario accediendo al archivo de registro. La explotaci\\u00f3n exitosa de esta vulnerabilidad podr\\u00eda llevar a un acceso no autorizado a la aplicaci\\u00f3n.\"}]",
"id": "CVE-2024-12057",
"lastModified": "2024-12-09T19:15:12.750",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Clear\", \"baseScore\": 1.8, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"LOW\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"NONE\", \"subsequentSystemConfidentiality\": \"LOW\", \"subsequentSystemIntegrity\": \"LOW\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NO\", \"recovery\": \"USER\", \"valueDensity\": \"CONCENTRATED\", \"vulnerabilityResponseEffort\": \"MODERATE\", \"providerUrgency\": \"CLEAR\"}}]}",
"published": "2024-12-09T19:15:12.750",
"references": "[{\"url\": \"https://www.pcvue.com/security/#SB2024-6\", \"source\": \"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\"}]",
"sourceIdentifier": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-532\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-12057\",\"sourceIdentifier\":\"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\",\"published\":\"2024-12-09T19:15:12.750\",\"lastModified\":\"2024-12-09T19:15:12.750\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"User credentials (login \u0026 password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\\nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.\"},{\"lang\":\"es\",\"value\":\"Las credenciales de usuario (nombre de usuario y contrase\u00f1a) se insertan en los archivos de registro cuando un usuario intenta autenticarse utilizando una versi\u00f3n de un cliente web que no es compatible con la del back end web de PcVue. Al explotar esta vulnerabilidad, un atacante podr\u00eda recuperar las credenciales de un usuario accediendo al archivo de registro. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda llevar a un acceso no autorizado a la aplicaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Clear\",\"baseScore\":1.8,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"CLEAR\"}}]},\"weaknesses\":[{\"source\":\"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]}],\"references\":[{\"url\":\"https://www.pcvue.com/security/#SB2024-6\",\"source\":\"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-12057\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-10T21:22:40.386531Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-10T21:22:46.259Z\"}}], \"cna\": {\"title\": \"User credentials recorded in log files\", \"source\": {\"advisory\": \"SB2024-6\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 1.8, \"Automatable\": \"NO\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Clear\", \"providerUrgency\": \"CLEAR\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"arcinfo\", \"modules\": [\"Web Server Extensions\"], \"product\": \"PcVue\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0\", \"lessThan\": \"16.2.4\", \"versionType\": \"cpe\"}, {\"status\": \"affected\", \"version\": \"15.0.0\", \"lessThan\": \"15.2.11\", \"versionType\": \"cpe\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"No POC available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No POC available.\", \"base64\": false}]}, {\"lang\": \"en\", \"value\": \"Not known to be exploited\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Not known to be exploited\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Uninstall the Web Server\\nIf your system does not require the use of the Web \u0026 Mobile features, you should make sure not to install them. \\n\\nRe-deploy the Web Server:\\nRe-deploy the Web Server with the Web Deployment Console (WDC) provided with the PcVue Web back end installation so that the PcVue Web back end and the Web server run the same version.\\n\\n\\n\\nUpdate the PcVue Web back end\\nInstall a patched release of the product, including the Web back end and Web Deployment Console (WDC) and use the WDC to re-deploy the Web Server. In case of future updates, credentials will no longer be inserted into the Log files even if the PcVue back end and the Web server are incompatible.\\n\\nAvailable patches:\\nFixed in:\\n * 16.2.4\\n * 15.2.11\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cb\u003e\u003cu\u003eUninstall the Web Server\u003cbr\u003e\u003c/u\u003e\u003c/b\u003eIf your system does not require the use of the Web \u0026amp; Mobile features, you should make sure not to install them. \u003cbr\u003e\u003cb\u003e\u003cu\u003e\u003cbr\u003eRe-deploy the Web Server:\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eRe-deploy the Web Server with the Web Deployment Console (WDC) provided with the PcVue Web back end installation so that the PcVue Web back end and the Web server run the same version.\u003cbr\u003e\u003cbr\u003e\\n\\n\u003cb\u003e\u003cu\u003eUpdate the PcVue Web back end\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eInstall a patched release of the product, including the Web back end and Web Deployment Console (WDC) and use the WDC to re-deploy the Web Server. In case of future updates, credentials will no longer be inserted into the Log files even if the PcVue back end and the Web server are incompatible.\u003cbr\u003e\u003cbr\u003e\u003cb\u003e\u003cu\u003eAvailable patches:\u003c/u\u003e\u003c/b\u003e\u003cbr\u003eFixed in:\u003cbr\u003e\u003cul\u003e\u003cli\u003e16.2.4\u003c/li\u003e\u003cli\u003e15.2.11\u003c/li\u003e\u003c/ul\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-12-02T23:00:00.000Z\", \"references\": [{\"url\": \"https://www.pcvue.com/security/#SB2024-6\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"User credentials (login \u0026 password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\\nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"User credentials (login \u0026amp; password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\u003cbr\u003eBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-532\", \"description\": \"CWE-532 Insertion of Sensitive Information into Log File\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Only servers where the Web \u0026 Mobile features are deployed are affected.\\nThe PcVue Web back end and the Web Server must run different versions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Only servers where the Web \u0026amp; Mobile features are deployed are affected.\u003cbr\u003eThe PcVue Web back end and the Web Server must run different versions.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\", \"shortName\": \"arcinfo\", \"dateUpdated\": \"2025-03-21T15:55:47.995Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-12057\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-21T15:55:47.995Z\", \"dateReserved\": \"2024-12-02T19:57:23.640Z\", \"assignerOrgId\": \"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932\", \"datePublished\": \"2024-12-09T19:08:15.527Z\", \"assignerShortName\": \"arcinfo\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…