CVE-2024-8884

9.8

Critical

Published:8 Oct 2024

Last updated:17 Jun 2026

Source:cybersecurity@se.com

Deferred

Weakness (CWE)

CWE-200Exposure of Sensitive Information

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http

References

cybersecurity@se.com

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-07.pdf