CVE-2024-6414

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jun 30, 2024

Updated: Jul 1, 2024

CWE ID 425

Summary

CVE-2024-6414 is a recently disclosed vulnerability affecting Parsec Automation TrakSYS 11.x.x. The issue lies within an unknown function of the "TS/export/contentpage" component in the Export Page. Manipulation of the argument ID allows an attacker to make a direct request, potentially launching the attack remotely. This vulnerability, identified as VDB-270000, has been made public and could be exploited. Despite early notification, the vendor has not responded to disclose a patch or mitigation strategies.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TrakSYS

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wtwzJY
https://www.cve.org/CVERecord?id=CVE-2024-6414
https://nvd.nist.gov/vuln/detail/CVE-2024-6414

Back to Vulnerability Database

CVE-2024-6414

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations