CVE-2024-25407
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction request. This vulnerability can allow attackers to cause a Denial of Service (DoS) by using the predicted transaction ID's to terminate other transactions.
SteVe - OCPP server implementation in Java. Your trusted open-source EV charging station management system since 2013. Used by CPOs, manufacturers and developers worldwide. Managed cloud →
GitHub