Sign-up

ID

VAR-202403-0784


CVE

CVE-2024-28029


TITLE

Delta Electronics, INC.  of  DIAEnergie  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020

DESCRIPTION

Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality. Delta Electronics, INC. of DIAEnergie Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-28029 // JVNDB: JVNDB-2024-003020

AFFECTED PRODUCTS

vendor:deltawwmodel:diaenergiescope:ltversion:1.10.00.005

Trust: 1.0

vendor:deltamodel:diaenergiescope:eqversion: -

Trust: 0.8

vendor:deltamodel:diaenergiescope: - version: -

Trust: 0.8

vendor:deltamodel:diaenergiescope:eqversion:1.10.00.005

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020 // NVD: CVE-2024-28029

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2024-28029
value: HIGH

Trust: 1.8

ics-cert@hq.dhs.gov: CVE-2024-28029
value: HIGH

Trust: 1.0

NVD:
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2024-28029
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020 // NVD: CVE-2024-28029 // NVD: CVE-2024-28029

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020 // NVD: CVE-2024-28029

EXTERNAL IDS

db:NVDid:CVE-2024-28029

Trust: 2.6

db:ICS CERTid:ICSA-24-074-12

Trust: 1.8

db:JVNid:JVNVU97802107

Trust: 0.8

db:JVNDBid:JVNDB-2024-003020

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020 // NVD: CVE-2024-28029

REFERENCES

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-12

Trust: 1.8

url:https://jvn.jp/vu/jvnvu97802107/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-28029

Trust: 0.8

sources: JVNDB: JVNDB-2024-003020 // NVD: CVE-2024-28029

SOURCES

db:JVNDBid:JVNDB-2024-003020
db:NVDid:CVE-2024-28029

LAST UPDATE DATE

2024-03-28T19:13:23.958000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-003020date:2024-03-27T00:47:00
db:NVDid:CVE-2024-28029date:2024-03-25T16:06:44.403

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-003020date:2024-03-27T00:00:00
db:NVDid:CVE-2024-28029date:2024-03-21T22:15:11.353