VDB
CVE-2024-5560
CVE-2024-5560
PUBLISHED
CVSS 5.300000190734863 MEDIUM
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.
EPSS 0.23% · 45.6th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.23%
45.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | Sage 2400 | Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 4400 | Versions C3414-500-S02K5_P8 and prior |
| schneider-electric | sage_4400 | 0 |
| Schneider Electric | Sage 1450 | Versions C3414-500-S02K5_P8 and prior |
| schneider-electric | sage_rtu_firmware | 0 |
| Schneider Electric | Sage 1410 | Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 1430 | Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 3030 Magnum | Versions C3414-500-S02K5_P8 and prior |
Timeline
- Jun 11, 2024 CVE Published
- Jun 13, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Jul 29, 2024 EPSS Score
- Aug 21, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 6, 2024 EPSS Score
- Oct 29, 2024 EPSS Score
- Nov 21, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 29, 2025 EPSS Score
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-02.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-03.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-05.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-5560 advisory