Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.
History

Fri, 04 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Advantech adam-5630
CPEs cpe:2.3:h:advantech:adam-5630:-:*:*:*:*:*:*:*
Vendors & Products Advantech adam-5630

Fri, 27 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Advantech
Advantech adam-5630 Firmware
CPEs cpe:2.3:o:advantech:adam-5630_firmware:*:*:*:*:*:*:*:*
Vendors & Products Advantech
Advantech adam-5630 Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 27 Sep 2024 18:00:00 +0000

Type Values Removed Values Added
Description Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.
Title Advantech ADAM-5630 Cross-Site Request Forgery
Weaknesses CWE-352
References
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-09-27T17:41:07.875Z

Updated: 2024-09-27T18:17:57.040Z

Reserved: 2024-06-26T15:26:29.587Z

Link: CVE-2024-28948

cve-icon Vulnrichment

Updated: 2024-09-27T18:17:42.597Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-27T18:15:04.197

Modified: 2024-10-04T18:58:14.400

Link: CVE-2024-28948

cve-icon Redhat

No data.