From 30d3ac3e45663185a2548dd4a652dc296e9cb9e2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 24 Jul 2024 18:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/21xxx/CVE-2024-21684.json | 124 +++++++++++++++++++++++++++++++-- 2024/37xxx/CVE-2024-37533.json | 83 ++++++++++++++++++++-- 2024/41xxx/CVE-2024-41666.json | 104 +++++++++++++++++++++++++-- 2024/41xxx/CVE-2024-41667.json | 81 +++++++++++++++++++-- 2024/41xxx/CVE-2024-41672.json | 86 +++++++++++++++++++++-- 2024/7xxx/CVE-2024-7085.json | 18 +++++ 2024/7xxx/CVE-2024-7086.json | 18 +++++ 2024/7xxx/CVE-2024-7087.json | 18 +++++ 2024/7xxx/CVE-2024-7088.json | 18 +++++ 2024/7xxx/CVE-2024-7089.json | 18 +++++ 10 files changed, 548 insertions(+), 20 deletions(-) create mode 100644 2024/7xxx/CVE-2024-7085.json create mode 100644 2024/7xxx/CVE-2024-7086.json create mode 100644 2024/7xxx/CVE-2024-7087.json create mode 100644 2024/7xxx/CVE-2024-7088.json create mode 100644 2024/7xxx/CVE-2024-7089.json diff --git a/2024/21xxx/CVE-2024-21684.json b/2024/21xxx/CVE-2024-21684.json index 133e97fc745..be8663fa98d 100644 --- a/2024/21xxx/CVE-2024-21684.json +++ b/2024/21xxx/CVE-2024-21684.json @@ -1,17 +1,133 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-21684", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@atlassian.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Center. Versions of Bitbucket DC from 8.0.0 to 8.9.12 and 8.19.0 to 8.19.1 are affected by this vulnerability. It is patched in 8.9.13 and 8.19.2.\n\nThis open redirect vulnerability, with a CVSS Score of 3.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N, allows an unauthenticated attacker to redirect a victim user upon login to Bitbucket Data Center to any arbitrary site which can be utilized for further exploitation which has low impact to confidentiality, no impact to integrity, no impact to availability, and requires user interaction.\n\nAtlassian recommends that Bitbucket Data Center customers upgrade to the version. If you are unable to do so, upgrade your instance to one of the supported fixed versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Open Redirect" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Atlassian", + "product": { + "product_data": [ + { + "product_name": "Bitbucket Data Center", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "8.19.1", + "status": "affected" + }, + { + "version": "8.9.0 to 8.9.12", + "status": "affected" + }, + { + "version": "8.8.0 to 8.8.7", + "status": "affected" + }, + { + "version": "8.7.0 to 8.7.5", + "status": "affected" + }, + { + "version": "8.6.0 to 8.6.4", + "status": "affected" + }, + { + "version": "8.5.0 to 8.5.4", + "status": "affected" + }, + { + "version": "8.4.0 to 8.4.4", + "status": "affected" + }, + { + "version": "8.3.0 to 8.3.4", + "status": "affected" + }, + { + "version": "8.2.2 to 8.2.4", + "status": "affected" + }, + { + "version": "8.1.3 to 8.1.5", + "status": "affected" + }, + { + "version": "8.0.3 to 8.0.5", + "status": "affected" + }, + { + "version": "8.19.2 to 8.19.6", + "status": "unaffected" + }, + { + "version": "8.9.13 to 8.9.17", + "status": "unaffected" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://jira.atlassian.com/browse/BSERV-19454", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/BSERV-19454" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Taha YILDIRIM" + } + ], + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.1, + "baseSeverity": "LOW" } ] } diff --git a/2024/37xxx/CVE-2024-37533.json b/2024/37xxx/CVE-2024-37533.json index de85f31e893..2d2684aedf8 100644 --- a/2024/37xxx/CVE-2024-37533.json +++ b/2024/37xxx/CVE-2024-37533.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-37533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-359 Exposure of Private Information ('Privacy Violation')", + "cweId": "CWE-359" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "InfoSphere Information Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7159173", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7159173" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294727", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294727" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "PHYSICAL", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41666.json b/2024/41xxx/CVE-2024-41666.json index 2c3dec4b412..b6f04221982 100644 --- a/2024/41xxx/CVE-2024-41666.json +++ b/2024/41xxx/CVE-2024-41666.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41666", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD has a Web-based terminal that allows users to get a shell inside a running pod, just as they would with kubectl exec. Starting in version 2.6.0, when the administrator enables this function and grants permission to the user `p, role:myrole, exec, create, */*, allow`, even if the user revokes this permission, the user can still perform operations in the container, as long as the user keeps the terminal view open for a long time. Although the token expiration and revocation of the user are fixed, however, the fix does not address the situation of revocation of only user `p, role:myrole, exec, create, */*, allow` permissions, which may still lead to the leakage of sensitive information. A patch for this vulnerability has been released in Argo CD versions 2.11.7, 2.10.16, and 2.9.21." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-269: Improper Privilege Management", + "cweId": "CWE-269" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "argoproj", + "product": { + "product_data": [ + { + "product_name": "argo-cd", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.6.0, < 2.9.21" + }, + { + "version_affected": "=", + "version_value": ">= 2.10.0, < 2.10.16" + }, + { + "version_affected": "=", + "version_value": ">= 2.11.0, < 2.11.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-v8wx-v5jq-qhhw", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-v8wx-v5jq-qhhw" + }, + { + "url": "https://github.com/argoproj/argo-cd/commit/05edb2a9ca48f0f10608c1b49fbb0cf7164f6476", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/commit/05edb2a9ca48f0f10608c1b49fbb0cf7164f6476" + }, + { + "url": "https://github.com/argoproj/argo-cd/commit/e96f32d233504101ddac028a5bf8117433d333d6", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/commit/e96f32d233504101ddac028a5bf8117433d333d6" + }, + { + "url": "https://github.com/argoproj/argo-cd/commit/ef535230d8bd8ad7b18aab1ea1063e9751d348c4", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/commit/ef535230d8bd8ad7b18aab1ea1063e9751d348c4" + }, + { + "url": "https://drive.google.com/file/d/1Fynj5Sho8Lf8CETqsNXZyPKlTDdmgJuN/view?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1Fynj5Sho8Lf8CETqsNXZyPKlTDdmgJuN/view?usp=sharing" + } + ] + }, + "source": { + "advisory": "GHSA-v8wx-v5jq-qhhw", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41667.json b/2024/41xxx/CVE-2024-41667.json index 226370dec81..202159ae848 100644 --- a/2024/41xxx/CVE-2024-41667.json +++ b/2024/41xxx/CVE-2024-41667.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41667", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default PingOne Advanced Identity Cloud login page,they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenIdentityPlatform", + "product": { + "product_data": [ + { + "product_name": "OpenAM", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 15.0.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OpenIdentityPlatform/OpenAM/security/advisories/GHSA-7726-43hg-m23v", + "refsource": "MISC", + "name": "https://github.com/OpenIdentityPlatform/OpenAM/security/advisories/GHSA-7726-43hg-m23v" + }, + { + "url": "https://github.com/OpenIdentityPlatform/OpenAM/commit/fcb8432aa77d5b2e147624fe954cb150c568e0b8", + "refsource": "MISC", + "name": "https://github.com/OpenIdentityPlatform/OpenAM/commit/fcb8432aa77d5b2e147624fe954cb150c568e0b8" + } + ] + }, + "source": { + "advisory": "GHSA-7726-43hg-m23v", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41672.json b/2024/41xxx/CVE-2024-41672.json index e4ce38e2446..5237102abe6 100644 --- a/2024/41xxx/CVE-2024-41672.json +++ b/2024/41xxx/CVE-2024-41672.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41672", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerability provides an attacker with access to filesystem even when access is expected to be disabled and other similar functions do NOT provide access. There seem to be two vectors to this vulnerability. First, access to files that should otherwise not be allowed. Second, the content from a file can be read (e.g. `/etc/hosts`, `proc/self/environ`, etc) even though that doesn't seem to be the intent of the sniff_csv function. A fix for this issue is available in commit c9b7c98aa0e1cd7363fe8bb8543a95f38e980d8a and is expected to be part of version 1.1.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "duckdb", + "product": { + "product_data": [ + { + "product_name": "duckdb", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 1.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/duckdb/duckdb/security/advisories/GHSA-w2gf-jxc9-pf2q", + "refsource": "MISC", + "name": "https://github.com/duckdb/duckdb/security/advisories/GHSA-w2gf-jxc9-pf2q" + }, + { + "url": "https://github.com/duckdb/duckdb/pull/13133", + "refsource": "MISC", + "name": "https://github.com/duckdb/duckdb/pull/13133" + }, + { + "url": "https://github.com/duckdb/duckdb/commit/c9b7c98aa0e1cd7363fe8bb8543a95f38e980d8a", + "refsource": "MISC", + "name": "https://github.com/duckdb/duckdb/commit/c9b7c98aa0e1cd7363fe8bb8543a95f38e980d8a" + } + ] + }, + "source": { + "advisory": "GHSA-w2gf-jxc9-pf2q", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/7xxx/CVE-2024-7085.json b/2024/7xxx/CVE-2024-7085.json new file mode 100644 index 00000000000..294b714e475 --- /dev/null +++ b/2024/7xxx/CVE-2024-7085.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7085", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7086.json b/2024/7xxx/CVE-2024-7086.json new file mode 100644 index 00000000000..a3a588dc29e --- /dev/null +++ b/2024/7xxx/CVE-2024-7086.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7086", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7087.json b/2024/7xxx/CVE-2024-7087.json new file mode 100644 index 00000000000..41c171672c6 --- /dev/null +++ b/2024/7xxx/CVE-2024-7087.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7087", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7088.json b/2024/7xxx/CVE-2024-7088.json new file mode 100644 index 00000000000..151300752b9 --- /dev/null +++ b/2024/7xxx/CVE-2024-7088.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7088", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7089.json b/2024/7xxx/CVE-2024-7089.json new file mode 100644 index 00000000000..0ba8a8a6d26 --- /dev/null +++ b/2024/7xxx/CVE-2024-7089.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7089", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file