CVE-2024-6831:

4.4 CVSS

Description

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to edit and/or remove views without the necessary permission due to a client-side-only check.
Axis has released patched versions for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.

Classification

CVE ID: CVE-2024-6831

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.4

Affected Products

Vendor: Axis Communications AB

Product: AXIS Camera Station Pro

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.axis.com/dam/public/a2/9a/41/cve-2024-6831-en-US-455107.pdf

Timeline

2024-11-27 14:42:10 UTC
CVE