CVE-2024-21794

EUVD-2024-19408
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L
icscertCNA
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
rapidscadarapid_scada
𝑥
≤ 5.8.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://rapidscada.org/contact/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-03
https://rapidscada.org/contact/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-03