OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/en/cp-139-8072-928a5-2.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-8071-46589-1.html | Third Party Advisory |
Configurations
History
20 Sep 2024, 14:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:syscomgo:omflow:*:*:*:*:*:*:*:* | |
First Time |
Syscomgo omflow
Syscomgo |
|
CWE | CWE-522 | |
References | () https://www.twcert.org.tw/en/cp-139-8072-928a5-2.html - Third Party Advisory | |
References | () https://www.twcert.org.tw/tw/cp-132-8071-46589-1.html - Third Party Advisory |
16 Sep 2024, 15:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Sep 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-16 06:15
Updated : 2024-09-20 14:22
NVD link : CVE-2024-8777
Mitre link : CVE-2024-8777
CVE.ORG link : CVE-2024-8777
JSON object : View
Products Affected
syscomgo
- omflow