CVE-2024-4872

High

A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated…

Hitachi Energy·CWE-943·Published 2024-08-27

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

277 chars

A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential.

NVDen

277 chars

NVDes

110 chars

El producto no valida ninguna consulta sobre datos persistentes, lo que genera riesgo de ataques de inyección.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H