CVE-2024-45495 | MSA FieldServer Gateway up to 6.5.2 Websocket cross-domain policy

Posted by Angelo Barbosa | Nov 29, 2024 | CVE

A vulnerability classified as problematic was found in MSA FieldServer Gateway up to 6.5.2. This vulnerability affects unknown code of the component Websocket Handler. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability was named CVE-2024-45495. The attack can be initiated remotely. There is no exploit available.

CVE-2024-45495 | MSA FieldServer Gateway up to 6.5.2 Websocket cross-domain policy

Related Posts

CVE-2023-52455 | Linux Kernel up to 6.6.13/6.7.1 iommu pfn_hi buffer overflow (98b8a550da83/5e23e283910c/bb57f6705960)

CVE-2023-44283 | Dell SupportAssist for Home PCs access control (dsa-2023-401)

CVE-2024-20794 | Adobe Animate up to 23.0.4/24.0.1 null pointer dereference (apsb24-26)

CVE-2024-0437 | Password Protected Plugin up to 2.6.6 on WordPress authorization