OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform administrative actions without proper authentication.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

Vendors Products
Omntec
  • Proteus Tank Monitoring

No data.

No data.

References
Link Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-06 cve-icon cve-icon
History

Fri, 27 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Omntec
Omntec proteus Tank Monitoring
CPEs cpe:2.3:a:omntec:proteus_tank_monitoring:oel8000_iii_series:*:*:*:*:*:*:*
Vendors & Products Omntec
Omntec proteus Tank Monitoring
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 27 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
Description OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform administrative actions without proper authentication.
Title OMNTEC Proteus Tank Monitoring Missing Authentication for Critical Function
Weaknesses CWE-306
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-09-27T16:11:26.742Z

Updated: 2024-09-27T16:37:39.401Z

Reserved: 2024-07-22T13:39:53.735Z

Link: CVE-2024-6981

cve-icon Vulnrichment

Updated: 2024-09-27T16:37:32.700Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-27T17:15:13.653

Modified: 2024-09-30T12:45:57.823

Link: CVE-2024-6981

cve-icon Redhat

No data.