Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-14xc-6c7p-bkdv
SummaryUncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Aliases
0
alias CVE-2024-9852
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9852
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22463
published_at 2026-06-11T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22659
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9852
1
reference_url https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf
reference_id 2024-010_en.pdf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-29T18:39:20Z/
url https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf
2
reference_url https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-04
reference_id icsa-24-338-04
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-29T18:39:20Z/
url https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-04
3
reference_url https://jvn.jp/vu/JVNVU93891820
reference_id JVNVU93891820
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-29T18:39:20Z/
url https://jvn.jp/vu/JVNVU93891820
Weaknesses
0
cwe_id 427
name Uncontrolled Search Path Element
description The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Exploits
Severity_range_score7.8 - 7.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-14xc-6c7p-bkdv