CVE-2024-7696 — MEDIUM (6.3)

Q: How severe is CVE-2024-7696?

CVE-2024-7696 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-7696?

Check the references section above for vendor advisories and patch information. Affected products include: Axis Camera Station Pro.

Vulnerability Description

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using maliciously crafted audit log entries. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

HIGH

Affected Products

Vendor	Product	Versions
Axis	Camera Station Pro	< 6.5.35848

Related Weaknesses (CWE)

CWE-117

References

https://www.axis.com/dam/public/b3/53/03/cve-2024-7696-en-US-459552.pdfVendor Advisory

FAQ

What is CVE-2024-7696?

CVE-2024-7696 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perfo...

How severe is CVE-2024-7696?

CVE-2024-7696 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-7696?

Check the references section above for vendor advisories and patch information. Affected products include: Axis Camera Station Pro.