Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
History

Fri, 08 Nov 2024 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Axis
Axis axis Os
Axis axis Os 2020
Axis axis Os 2022
CPEs cpe:2.3:o:axis:axis_os:5.51:*:*:*:*:*:*:*
cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*
cpe:2.3:o:axis:axis_os_2022:-:*:*:*:lts:*:*:*
Vendors & Products Axis
Axis axis Os
Axis axis Os 2020
Axis axis Os 2022
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 08 Nov 2024 09:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-319

cve-icon MITRE

Status: PUBLISHED

Assigner: Axis

Published: 2024-06-18T06:10:25.800Z

Updated: 2024-11-08T08:50:35.312Z

Reserved: 2023-11-22T19:14:29.296Z

Link: CVE-2024-0066

cve-icon Vulnrichment

Updated: 2024-08-01T17:41:15.624Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-18T06:15:10.723

Modified: 2024-11-21T08:45:49.587

Link: CVE-2024-0066

cve-icon Redhat

No data.