{"id":"CVE-2024-42513","details":"Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.","aliases":["GHSA-4rcc-7pg7-f57f"],"modified":"2026-04-10T05:16:50.957426Z","published":"2025-02-10T19:15:38.023Z","references":[{"type":"ADVISORY","url":"https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42513.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opcfoundation/ua-.netstandard","events":[{"introduced":"0"},{"fixed":"f5d00d934cd1c0679e5f3cc6423ae60fa2046968"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.5.374.158"}]}}],"versions":["1.03.350","1.04.353.15","1.04.354.21","1.04.354.23","1.4.355.26","1.4.356.27","1.4.357.28","1.4.358.30","1.4.359.31","1.4.360.33","1.4.361.39","1.4.362.42","1.4.363.49","1.4.366.31-preview","1.4.367.64-preview","1.4.368.27-preview","1.4.368.52-preview","1.4.372.112-preview","1.4.372.116-preview","1.4.372.38-preview","1.4.372.46-preview","1.4.372.67-preview","1.4.372.91-preview","1.5.373.3-preview","1.5.374.118","1.5.374.124","1.5.374.126","1.5.374.26-preview","1.5.374.27","1.5.374.36","1.5.374.54","1.5.374.70","1.5.374.78"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42513.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}