We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-45504



Description

Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and the OEM products allow a remote unauthenticated attacker to hijack the authentication of the user and to perform unintended operations if the user views a malicious page while logged in.

Reserved 2024-08-30 | Published 2024-09-10 | Updated 2024-11-04 | Assigner jpcert

Problem types

Cross-site request forgery (CSRF)

Product status

prior to V9.1SP4 Build1653
affected

versions before the replacement file released on 2024 September 9
affected

versions before 2024 July 20 maintenance
affected

prior to Ver.1.1.1
affected

versions before 2024 July 4 maintenance
affected

versions before 2024 August 31 maintenance
affected

9.0
affected

9.0 Service Pack 1
affected

9.1
affected

9.1 Service Pack 1
affected

9.1 Service Pack 2
affected

9.1 Service Pack 3
affected

and 9.1 Service Pack 4
affected

versions before 2024 July 4 maintenance
affected

versions before 2024 July 4 maintenance
affected

versions before 2024 July 4 maintenance
affected

versions before 2024 June 18 maintenance
affected

versions before 2024 July 20 maintenance
affected

versions before 2024 July 4 maintenance
affected

versions before 2024 July 4 maintenance
affected

References

alsifaq.dga.jp/faq_detail.html?id=6494

success.trendmicro.com/ja-JP/solution/KA-0017618

www.motex.co.jp/news/notice/2024/release240909/

jvn.jp/en/jp/JVN05579230/

cve.org (CVE-2024-45504)

nvd.nist.gov (CVE-2024-45504)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-45504

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.