CVE-2024-8884

EUVD-2024-49455
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that
could cause exposure of credentials when attacker has access to application on network over
http
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
schneider_electricsystem_monitor_application_in_harmony_industrial_pc_hmibmo_hmibmi_hmipso_hmibmp_hmibmu_hmipsp_hmipep_series
𝑥
≤ *
ADP
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-07.pdf