← Back

CVE-2024-7696

nvd nist
Published: Jan 7, 2025Modified: Oct 10, 2025

JSON object

Loading...
6.3
Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Exploitability: 2.1 / Impact: 4.2
Source: product-security@axis.com (Secondary)

Description

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using maliciously crafted audit log entries. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Affected (1)

Axis
1 product
Camera Station Pro
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Camera Station Pro
Before 6.5.35848

Related CWEs

CWE-117
Improper Output Neutralization for Logs
The product does not neutralize or incorrectly neutralizes output that is written to logs.

References (1)

Source: product-security@axis.com
Vendor Advisory

Timeline

No history available yet.