Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hnyu-z13g-k3a2
SummaryAn exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. This vulnerability is due to the lack of explicit permissions set on the backup folder. If private keys are obtained by a malicious user, they could impersonate resources on the secured network.
Aliases
0
alias CVE-2024-6326
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6326
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.01039
published_at 2026-06-11T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.01037
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6326
1
reference_url https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1678.html
reference_id advisory.SD1678.html
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:49:58Z/
url https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1678.html
Weaknesses
0
cwe_id 269
name Improper Privilege Management
description The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Exploits
Severity_range_score1.8 - 1.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hnyu-z13g-k3a2