Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7941

An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.

Published

2024-08-27T13:15:06.467

Last Modified

2024-10-30T15:29:26.673

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-601
Type: Primary
CWE-601

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hitachienergy	microscada_x_sys600	10.5	Yes

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory ([email protected])