Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Deltaww
Deltaww infrasuite Device Master |
|
CPEs | cpe:2.3:a:deltaww:infrasuite_device_master:*:*:*:*:*:*:*:* | |
Vendors & Products |
Deltaww
Deltaww infrasuite Device Master |
|
Metrics |
ssvc
|
Wed, 30 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication. | |
Title | Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data | |
Weaknesses | CWE-502 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-10-30T18:04:52.786Z
Updated: 2024-10-30T18:15:45.431Z
Reserved: 2024-10-28T14:05:02.628Z
Link: CVE-2024-10456
Vulnrichment
Updated: 2024-10-30T18:15:40.044Z
NVD
Status : Awaiting Analysis
Published: 2024-10-30T18:15:05.123
Modified: 2024-11-01T12:57:03.417
Link: CVE-2024-10456
Redhat
No data.