cvelist/2024/5xxx/CVE-2024-5587.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-5587",
        "ASSIGNER": "cna@vuldb.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic. Affected is an unknown function of the file /conf/app.conf of the component Configuration File Handler. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266838 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
                "lang": "deu",
                "value": "Es wurde eine problematische Schwachstelle in Casdoor bis 1.335.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /conf/app.conf der Komponente Configuration File Handler. Dank der Manipulation mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-552 Files or Directories Accessible",
                        "cweId": "CWE-552"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "n/a",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Casdoor",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "1.335"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://vuldb.com/?id.266838",
                "refsource": "MISC",
                "name": "https://vuldb.com/?id.266838"
            },
            {
                "url": "https://vuldb.com/?ctiid.266838",
                "refsource": "MISC",
                "name": "https://vuldb.com/?ctiid.266838"
            },
            {
                "url": "https://vuldb.com/?submit.343357",
                "refsource": "MISC",
                "name": "https://vuldb.com/?submit.343357"
            },
            {
                "url": "https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/wkwg66pioe4f5av0",
                "refsource": "MISC",
                "name": "https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/wkwg66pioe4f5av0"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "XbnWa (VulDB User)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "baseScore": 5.3,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "3.0",
                "baseScore": 5.3,
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "2.0",
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
            }
        ]
    }
}
"-Synchronized-Data." 2024-06-01 18:00:30 +00:00			`{`
"-Synchronized-Data." 2024-06-02 11:00:33 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-06-01 18:00:30 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-5587",`
"-Synchronized-Data." 2024-06-02 11:00:33 +00:00			`"ASSIGNER": "cna@vuldb.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-06-01 18:00:30 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-06-02 11:00:33 +00:00			"value": "A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic. Affected is an unknown function of the file /conf/app.conf of the component Configuration File Handler. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266838 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
			`},`
			`{`
			`"lang": "deu",`
			`"value": "Es wurde eine problematische Schwachstelle in Casdoor bis 1.335.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /conf/app.conf der Komponente Configuration File Handler. Dank der Manipulation mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-552 Files or Directories Accessible",`
			`"cweId": "CWE-552"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "n/a",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Casdoor",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "1.335"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://vuldb.com/?id.266838",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?id.266838"`
			`},`
			`{`
			`"url": "https://vuldb.com/?ctiid.266838",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?ctiid.266838"`
			`},`
			`{`
			`"url": "https://vuldb.com/?submit.343357",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?submit.343357"`
			`},`
			`{`
			`"url": "https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/wkwg66pioe4f5av0",`
			`"refsource": "MISC",`
			`"name": "https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/wkwg66pioe4f5av0"`
			`}`
			`]`
			`},`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "XbnWa (VulDB User)"`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"version": "3.1",`
			`"baseScore": 5.3,`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",`
			`"baseSeverity": "MEDIUM"`
			`},`
			`{`
			`"version": "3.0",`
			`"baseScore": 5.3,`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",`
			`"baseSeverity": "MEDIUM"`
			`},`
			`{`
			`"version": "2.0",`
			`"baseScore": 5,`
			`"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"`
"-Synchronized-Data." 2024-06-01 18:00:30 +00:00			`}`
			`]`
			`}`
			`}`