CVE-2024-31416
Last modified
CVE-2024-31416 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the length and bounds of the entered value. EPSS estimates a 0.27% chance of exploitation in the next 30 days.
Description
The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the length and bounds of the entered value. The exploit of this security flaw by a bad actor may result in excessive memory consumption or integer overflow.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Eaton | Foreseer Electrical Power Monitoring System | < 7.8.600 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-31416?
How severe is CVE-2024-31416?
How do I fix CVE-2024-31416?
Are you affected by CVE-2024-31416?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST