Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution.
History

Mon, 21 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Axiros
Axiros axess
CPEs cpe:2.3:a:axiros:axess:4.0:*:*:*:*:*:*:*
cpe:2.3:a:axiros:axess:5.0.0:*:*:*:*:*:*:*
Vendors & Products Axiros
Axiros axess
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 21 Oct 2024 19:30:00 +0000

Type Values Removed Values Added
Description Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has Incorrect Access Control. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution. Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-06-24T00:00:00

Updated: 2024-10-21T19:11:50.614903

Reserved: 2024-04-28T00:00:00

Link: CVE-2024-33898

cve-icon Vulnrichment

Updated: 2024-08-02T02:42:59.624Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-24T22:15:10.207

Modified: 2024-11-21T09:17:41.610

Link: CVE-2024-33898

cve-icon Redhat

No data.