← Back

CVE-2024-6122

nvd nist
Published: Jul 22, 2024Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service.

Affected (4)

Ni
2 products
Systemlink
Flexlogger
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Ni
Systemlink
Up to 2024
Systemlink
Version 2024 q1
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Ni
Flexlogger
Up to 2023
Flexlogger
Version 2023 q2

Related CWEs

CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

Source: security@ni.com
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory

Timeline

No history available yet.