CVE-2024-28023

{"id": "CVE-2024-28023", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 1.5}]}, "published": "2024-06-11T14:15:10.803", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true", "source": "cybersecurity@hitachienergy.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "description": [{"lang": "en", "value": "CWE-259"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code."}, {"lang": "es", "value": "Existe una vulnerabilidad en el mecanismo de cola de mensajes que, si se explota, puede provocar la exposici\u00f3n de recursos o funcionalidades a actores no deseados, posiblemente proporcionando a los atacantes informaci\u00f3n confidencial o incluso ejecutar c\u00f3digo arbitrario."}], "lastModified": "2024-06-13T18:36:45.417", "sourceIdentifier": "cybersecurity@hitachienergy.com"}