Sign-up

ID

VAR-202504-3524


TITLE

Beijing Yakong Technology Development Co., Ltd. KingH5Stream has an unauthorized access vulnerability (CNVD-2024-33960)

Trust: 0.6

sources: CNVD: CNVD-2024-33960

DESCRIPTION

Beijing Yakong Technology Development Co., Ltd. is a high-tech enterprise of industrial automation and information software platform, focusing on independent research and development, marketing and service of domestic industrial software. Beijing Yakong Technology Development Co., Ltd. KingH5Stream has an unauthorized access vulnerability, which can be exploited by attackers to add/delete users beyond their authority.

Trust: 0.6

sources: CNVD: CNVD-2024-33960

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-33960

AFFECTED PRODUCTS

vendor:yakongmodel:kingh5streamscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2024-33960

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2024-33960
value: LOW

Trust: 0.6

CNVD: CNVD-2024-33960
severity: LOW
baseScore: 3.6
vectorString: AV:N/AC:H/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2024-33960

PATCH

title:Patch for Beijing Yakong Technology Development Co., Ltd. KingH5Stream has an unauthorized access vulnerability (CNVD-2024-33960)url:https://www.cnvd.org.cn/patchInfo/show/683261

Trust: 0.6

sources: CNVD: CNVD-2024-33960

EXTERNAL IDS

db:CNVDid:CNVD-2024-33960

Trust: 0.6

sources: CNVD: CNVD-2024-33960

SOURCES

db:CNVDid:CNVD-2024-33960

LAST UPDATE DATE

2025-05-13T23:09:35.009000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-33960date:2025-04-25T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-33960date:2025-04-25T00:00:00