CVE-2024-32931: exacqVison - Token Disclosed in URL

Q: What is the severity of CVE-2024-32931?

The severity of CVE-2024-32931 is assessed as high due to its potential to expose authentication token details.

Q: How do I fix CVE-2024-32931?

To mitigate CVE-2024-32931, update the exacqVision Web Service to version 24.04 or later.

Q: What are the potential impacts of CVE-2024-32931?

CVE-2024-32931 could allow unauthorized access to sensitive authentication details, increasing the risk of account compromise.

Q: Which versions of exacqVision Web Service are affected by CVE-2024-32931?

CVE-2024-32931 affects all versions of exacqVision Web Service up to and including version 24.03.

Q: What is the nature of the vulnerability in CVE-2024-32931?

CVE-2024-32931 involves the exposure of authentication token details in communications under certain circumstances.

Published Aug 1, 2024

Updated

Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.

Affected Software

1 affected component

Johnsoncontrols Exacqvision Web Service<=24.03

Remediation

Information

Update exacqVision Web Service to version 24.06

Event History

Aug 1, 2024

CVE Published

via MITRE·09:18 PM

Data Sourced

via MITRE·09:18 PM

RemedyDescriptionSeverityWeakness

Data Sourced

via NVD·10:15 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2024-32931?

The severity of CVE-2024-32931 is assessed as high due to its potential to expose authentication token details.

How do I fix CVE-2024-32931?

To mitigate CVE-2024-32931, update the exacqVision Web Service to version 24.04 or later.

What are the potential impacts of CVE-2024-32931?