mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 10:41:46 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
480b35b7e5
commit
6a88c24d42
@ -21,8 +21,8 @@
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Missing Write Protection for Parametric Data Values",
|
||||
"cweId": "CWE-1314"
|
||||
"value": "Out-of-bounds Write",
|
||||
"cweId": "CWE-787"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,137 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-11664",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselect_filtering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 22b0b443acca740fc83b5544165c1f53eff3f529. It is recommended to apply a patch to fix this issue."
|
||||
},
|
||||
{
|
||||
"lang": "deu",
|
||||
"value": "Eine kritische Schwachstelle wurde in eNMS bis 4.2 entdeckt. Es geht hierbei um die Funktion multiselect_filtering der Datei eNMS/controller.py der Komponente TGZ File Handler. Durch Manipulieren mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als 22b0b443acca740fc83b5544165c1f53eff3f529 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Path Traversal",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "eNMS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://vuldb.com/?id.285986",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.285986"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.285986",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?ctiid.285986"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.447374",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?submit.447374"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/eNMS-automation/eNMS/pull/419",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/eNMS-automation/eNMS/pull/419"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/eNMS-automation/eNMS/pull/419#issuecomment-2495640750",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/eNMS-automation/eNMS/pull/419#issuecomment-2495640750"
|
||||
},
|
||||
{
|
||||
"url": "https://mega.nz/folder/ZhIiDQaI#TUJCRV-XN41L-WEVAu0sWg",
|
||||
"refsource": "MISC",
|
||||
"name": "https://mega.nz/folder/ZhIiDQaI#TUJCRV-XN41L-WEVAu0sWg"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/eNMS-automation/eNMS/pull/419/commits/22b0b443acca740fc83b5544165c1f53eff3f529",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/eNMS-automation/eNMS/pull/419/commits/22b0b443acca740fc83b5544165c1f53eff3f529"
|
||||
},
|
||||
{
|
||||
"url": "https://www.youtube.com/watch?v=FJVFtNb4_qA",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.youtube.com/watch?v=FJVFtNb4_qA"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "slash0x99 (VulDB User)"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
{
|
||||
"version": "3.0",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
{
|
||||
"version": "2.0",
|
||||
"baseScore": 9,
|
||||
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user