admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-12-12 14:00:56 +00:00
parent 277a687c32
commit 4f2464da56
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 571 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
2024/28xxx/CVE-2024-28143.json
View File

@ -1,18 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new password within the -rsetpass+-aaction+- parameter\u00a0for a user without knowing the old password, e.g. by exploiting a CSRF issue."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620 Unverified Password Change",
"cweId": "CWE-620"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Image Access GmbH",
"product": {
"product_data": [
{
"product_name": "Scan2Net",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.40",
"status": "unaffected"
}
],
"lessThan": "7.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/imageaccess",
"refsource": "MISC",
"name": "https://r.sec-consult.com/imageaccess"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"refsource": "MISC",
"name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"
}
],
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal.</span><br>"
}
],
"value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal."
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
}
]
}

119
2024/28xxx/CVE-2024-28144.json
View File

@ -1,18 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384 Session Fixation",
"cweId": "CWE-384"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Image Access GmbH",
"product": {
"product_data": [
{
"product_name": "Scan2Net",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.42B",
"status": "unknown"
}
],
"lessThanOrEqual": "7.42B",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/imageaccess",
"refsource": "MISC",
"name": "https://r.sec-consult.com/imageaccess"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"refsource": "MISC",
"name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"
}
],
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor does not provide a patch for this issue to date but an update is planned for the future."
}
],
"value": "The vendor does not provide a patch for this issue to date but an update is planned for the future."
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
}
]
}

119
2024/28xxx/CVE-2024-28145.json
View File

@ -1,18 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php\u00a0file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Image Access GmbH",
"product": {
"product_data": [
{
"product_name": "Scan2Net",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.40",
"status": "unaffected"
}
],
"lessThan": "7.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/imageaccess",
"refsource": "MISC",
"name": "https://r.sec-consult.com/imageaccess"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"refsource": "MISC",
"name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"
}
],
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal."
}
],
"value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal."
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
}
]
}

119
2024/28xxx/CVE-2024-28146.json
View File

@ -1,18 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The application uses several hard-coded credentials\u00a0to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Image Access GmbH",
"product": {
"product_data": [
{
"product_name": "Scan2Net",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.42",
"status": "unknown"
}
],
"lessThan": "7.42",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/imageaccess",
"refsource": "MISC",
"name": "https://r.sec-consult.com/imageaccess"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"refsource": "MISC",
"name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"
}
],
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor provides a firmware update to version 7.42 (or higher) which can be downloaded via the vendor's customer server portal. It fixes most of the hard-coded credentials that can be directly exploited by an attacker. The vendor did not specify whether future patches will remediate the rest\""
}
],
"value": "The vendor provides a firmware update to version 7.42 (or higher) which can be downloaded via the vendor's customer server portal. It fixes most of the hard-coded credentials that can be directly exploited by an attacker. The vendor did not specify whether future patches will remediate the rest\""
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
}
]
}

2
2024/36xxx/CVE-2024-36494.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users.\u00a0The login page at /cgi/slogin.cgi suffers from reflected XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in, which makes it ideal for login form phishing attempts."
"value": "Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts."
}
]
},

119
2024/50xxx/CVE-2024-50584.json
View File

@ -1,18 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-50584",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authenticated attacker with the user/role \"Poweruser\" can perform an SQL injection by accessing the /class/template_io.php\u00a0file and supplying malicious GET parameters.\u00a0The \"templates\" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the JSON syntax of the templates parameter."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Image Access GmbH",
"product": {
"product_data": [
{
"product_name": "Scan2Net",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.42",
"status": "unaffected"
}
],
"lessThan": "7.42",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/imageaccess",
"refsource": "MISC",
"name": "https://r.sec-consult.com/imageaccess"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"refsource": "MISC",
"name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"
}
],
"value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor provides a firmware update to version 7.42 (or higher) which can be downloaded via the vendor's customer server portal."
}
],
"value": "The vendor provides a firmware update to version 7.42 (or higher) which can be downloaded via the vendor's customer server portal."
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
}
]
}