FieldServer Gateway
by MSA
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45494 | Cri | 0.64 | 9.8 | 0.00 | Dec 10, 2024 | An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is… | ||
| CVE-2024-45493 | Cri | 0.64 | 9.8 | 0.00 | Dec 10, 2024 | An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow… | ||
| CVE-2024-45495 | Med | 0.28 | 4.3 | 0.00 | Nov 29, 2024 | MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking. |
- risk 0.64cvss 9.8epss 0.00
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is…
- risk 0.64cvss 9.8epss 0.00
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow…
- risk 0.28cvss 4.3epss 0.00
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking.