Executive Summary

Informations
Name CVE-2024-1573 First vendor Publication 2024-07-04
Vendor Cve Last vendor Modification 2024-07-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Improper Authentication vulnerability in the mobile monitoring feature of ICONICS GENESIS64 versions 10.97 to 10.97.2, Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.2 and Mitsubishi Electric MC Works64 all versions allows a remote unauthenticated attacker to bypass proper authentication and log in to the system when all of the following conditions are met: * Active Directory is used in the security setting.
* “Automatic log in†option is enabled in the security setting.
* The IcoAnyGlass IIS Application Pool is running under an Active Directory Domain Account.
* The IcoAnyGlass IIS Application Pool account is included in GENESIS64TM and MC Works64 Security and has permission to log in.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1573

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-287 Improper Authentication

Sources (Detail)

https://jvn.jp/vu/JVNVU98894016/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-004_en.pdf
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2024-07-05 17:27:24
  • Multiple Updates
2024-07-04 13:27:28
  • First insertion