PT-2024-38932 · Opw Fuel Management Systems · Sitesentinel
Pedro Umbelino
·
Published
2024-09-24
·
Updated
2024-10-02
·
CVE-2024-8310
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
OPW Fuel Management Systems SiteSentinel versions prior to 17Q2.1
Description:
The issue allows an attacker to bypass authentication to the server and obtain full admin privileges. This could enable remote attacks.
Recommendations:
For OPW Fuel Management Systems SiteSentinel versions prior to 17Q2.1, upgrade to version 17Q2.1 or later to mitigate the risks. As a temporary workaround, consider restricting access to the server to minimize the risk of exploitation.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sitesentinel