PT-2024-31662 · Unknown · Fieldserver Gateway

Published: 2024-11-29 · Updated: 2024-12-04 · CVE-2024-45495

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: MSA FieldServer Gateway versions 5.0.0 through 6.5.2
Description: The issue allows cross-origin WebSocket hijacking. This means that an attacker can potentially hijack WebSocket connections from a different origin, which could lead to unauthorized access or control over the affected system.
Recommendations: For versions 5.0.0 through 6.5.2, consider disabling WebSocket functionality until a patch is available to prevent cross-origin hijacking. Restrict access to the MSA FieldServer Gateway to minimize the risk of exploitation. Avoid using the WebSocket protocol in the affected API endpoints until the issue is resolved.

Fix

Weakness Enumeration: Origin Validation Error

Related Identifiers: CVE-2024-45495

Affected Products: Fieldserver Gateway