CVE-2024-8530

Name of the Vulnerable Software and Affected Versions Schneider Electric EcoStruxure Data Center Expert (affected versions not specified)

Description A missing authentication for critical function issue exists, which could cause exposure of private data when an already generated "logcaptures" archive is accessed directly by HTTPS. This flaw can lead to unauthorized access to sensitive data. The vulnerability is related to the absence of authentication for a critical function, allowing a remote attacker to obtain access to confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.