Vulnerability Description
An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hima | F30 03X Yy \(Com\) Firmware | <= 24.14 |
| Hima | F30 03X Yy \(Com\) | - |
| Hima | F30 03X Yy \(Cpu\) Firmware | <= 18.6 |
| Hima | F30 03X \(Cpu\) Yy | - |
| Hima | F35 03X Yy \(Com\) Firmware | <= 24.14 |
| Hima | F35 03X Yy \(Com\) | - |
| Hima | F35 03X Yy \(Cpu\) Firmware | <= 18.6 |
| Hima | F35 03X Yy \(Cpu\) | - |
| Hima | F60 Cpu 03X Yy \(Com\) Firmware | <= 24.14 |
| Hima | F60 Cpu 03X Yy \(Com\) | - |
| Hima | F60 Cpu 03X Yy \(Cpu\) Firmware | <= 18.6 |
| Hima | F60 Cpu 03X Yy \(Cpu\) | - |
| Hima | F-Com 01 Firmware | <= 14.12 |
| Hima | F-Com 01 | - |
| Hima | F-Cpu 01 Firmware | <= 14.16 |
| Hima | F-Cpu 01 | - |
| Hima | X-Com 01 E Yy Firmware | <= 15.14 |
| Hima | X-Com 01 E Yy | - |
| Hima | X-Com 01 Yy Firmware | <= 14.12 |
| Hima | X-Com 01 Yy | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en/advisories/VDE-2024-013MitigationThird Party Advisory
- https://cert.vde.com/en/advisories/VDE-2024-013MitigationThird Party Advisory
FAQ
What is CVE-2024-24782?
CVE-2024-24782 is a vulnerability with a CVSS score of 4.3 (MEDIUM). An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN.
How severe is CVE-2024-24782?
CVE-2024-24782 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-24782?
Check the references section above for vendor advisories and patch information. Affected products include: Hima F30 03X Yy \(Com\) Firmware, Hima F30 03X Yy \(Com\), Hima F30 03X Yy \(Cpu\) Firmware, Hima F30 03X \(Cpu\) Yy, Hima F35 03X Yy \(Com\) Firmware.