How severe is CVE-2024-6414?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-6414?

This is classified as CWE-425, which is a common weakness in software security.

CVE-2024-6414 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2004-2257

MEDIUM

CVSS:5.3(Medium)

phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request.

CWE-4252004

CVE-2005-1688

MEDIUM

CVSS:5.3(Medium)

Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in ...

CWE-4252005

CVE-2016-1000111

MEDIUM

CVSS:5.3(Medium)

Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PRO...

CWE-4252016

CVE-2017-2139

MEDIUM

CVSS:5.3(Medium)

CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction ...

CWE-4252017

CVE-2017-2143

MEDIUM

CVSS:5.3(Medium)

CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a cu...

CWE-4252017

CVE-2019-13981

MEDIUM

CVSS:5.3(Medium)

In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which ...

CWE-4252019