CVE-2024-3468

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3468
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
CVSS

No CVSS.

References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-163-02
Configurations

No configuration.

History

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad en AVEVA PI Web API que podría permitir que se ejecute código malicioso en el entorno de PI Web API con los privilegios de un usuario interactivo que fue manipulado socialmente para utilizar la funcionalidad de importación API XML con contenido proporcionado por un atacante.

12 Jun 2024, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-12 21:15

Updated : 2024-06-13 18:36

NVD link : CVE-2024-3468

Mitre link : CVE-2024-3468

CVE.ORG link : CVE-2024-3468

JSON object : View

Products Affected

No product.

CWE
CWE-502

Deserialization of Untrusted Data


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024