CVE-2024-42493

Dorsett Controls InfoScan Exposure of Sensitive Information To An Unauthorized Actor

Description

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login.

INFO

Published Date :

2024-08-08T17:23:04.770Z

Last Modified :

2024-08-09T15:04:20.077Z

Source :

icscert

AFFECTED PRODUCTS

The following products are affected by CVE-2024-42493 vulnerability.

Vendors	Products
Dorsettcontrols	Infoscan

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42493.

URL	Resource
https://portal.dtscada.com/#/security-bulletins?bulletin=1
https://www.cisa.gov/news-events/ics-advisories/icsa-24-221-01

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact