From 743a0930c18e8986af98e5073aa16d5b9ac1ea46 Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Fri, 9 Aug 2024 19:00:36 +0000
Subject: [PATCH] "-Synchronized-Data."
---
 2024/42xxx/CVE-2024-42370.json | 91 ++++++++++++++++++++++++++++++++--
 2024/42xxx/CVE-2024-42467.json | 86 ++++++++++++++++++++++++++++++--
 2024/42xxx/CVE-2024-42468.json | 86 ++++++++++++++++++++++++++++++--
 2024/42xxx/CVE-2024-42469.json | 81 ++++++++++++++++++++++++++++--
 2024/42xxx/CVE-2024-42470.json | 81 ++++++++++++++++++++++++++++--
 2024/7xxx/CVE-2024-7653.json | 18 +++++++
 2024/7xxx/CVE-2024-7654.json | 18 +++++++
 2024/7xxx/CVE-2024-7655.json | 18 +++++++
 8 files changed, 459 insertions(+), 20 deletions(-)
 create mode 100644 2024/7xxx/CVE-2024-7653.json
 create mode 100644 2024/7xxx/CVE-2024-7654.json
 create mode 100644 2024/7xxx/CVE-2024-7655.json
diff --git a/2024/42xxx/CVE-2024-42370.json b/2024/42xxx/CVE-2024-42370.json
index a0a2654291d..451f51acd3f 100644
--- a/2024/42xxx/CVE-2024-42370.json
+++ b/2024/42xxx/CVE-2024-42370.json
@@ -1,17 +1,100 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-42370",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. In versions 2.10.0 and prior, Litestar's `docs-preview.yml` workflow is vulnerable to Environment Variable injection which may lead to secret exfiltration and repository manipulation. This issue will grant a malicious actor the permission to write issues, read metadata, and write pull requests. In addition, the `DOCS_PREVIEW_DEPLOY_TOKEN` is exposed to the attacker. Commit 84d351e96aaa2a1338006d6e7221eded161f517b contains a fix for this issue."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
+ "cweId": "CWE-78"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "litestar-org",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "litestar",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "<= 2.10.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/litestar-org/litestar/security/advisories/GHSA-4hq2-rpgc-r8r7",
+ "refsource": "MISC",
+ "name": "https://github.com/litestar-org/litestar/security/advisories/GHSA-4hq2-rpgc-r8r7"
+ },
+ {
+ "url": "https://github.com/litestar-org/litestar/commit/84d351e96aaa2a1338006d6e7221eded161f517b",
+ "refsource": "MISC",
+ "name": "https://github.com/litestar-org/litestar/commit/84d351e96aaa2a1338006d6e7221eded161f517b"
+ },
+ {
+ "url": "https://github.com/litestar-org/litestar/actions/runs/10081936962/job/27875077668#step:1:17",
+ "refsource": "MISC",
+ "name": "https://github.com/litestar-org/litestar/actions/runs/10081936962/job/27875077668#step:1:17"
+ },
+ {
+ "url": "https://github.com/litestar-org/litestar/blob/ffaf5616b19f6f0f4128209c8b49dbcb41568aa2/.github/workflows/docs-preview.yml",
+ "refsource": "MISC",
+ "name": "https://github.com/litestar-org/litestar/blob/ffaf5616b19f6f0f4128209c8b49dbcb41568aa2/.github/workflows/docs-preview.yml"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-4hq2-rpgc-r8r7",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 8.3,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
+ "version": "3.1"
 }
 ]
 }
diff --git a/2024/42xxx/CVE-2024-42467.json b/2024/42xxx/CVE-2024-42467.json
index cbba50ec3f7..71bceea253f 100644
--- a/2024/42xxx/CVE-2024-42467.json
+++ b/2024/42xxx/CVE-2024-42467.json
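Review bot: The problemtype block classifies this record as `CWE-78` (OS command injection), but the description reports injection into a GitHub Actions workflow's environment variables (`docs-preview.yml`, which the blob reference places under `.github/workflows/`), a CI-pipeline weakness rather than a command-injection flaw in the shipped `litestar` package, so the CWE choice is worth re-checking against the advisory. Relatedly, `affects` declares `"version_value": "<= 2.10.0"` of the `litestar` product, so tooling that matches on installed package versions will presumably flag applications that were never exposed, since the weakness lives in the repository's CI configuration; if the advisory confirms that, a sentence such as `The vulnerability is in the project's CI workflow, not in the published package; downstream users of Litestar are not affected.` in the description would prevent that over-notification. The vector's `UI:R` together with `A:H` and `I:L` is also hard to reconcile with a narrative of secret exfiltration plus pull-request write access and no stated availability impact, and may want re-scoring.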
@@ -1,17 +1,95 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-42467",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery (SSRF) to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network. Furthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. This allows an attacker to exploit call endpoints on an openHAB server even if the openHAB server is located in a private network. (e.g. by sending an openHAB admin a link that proxies malicious JavaScript.) This issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabilities. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-918: Server-Side Request Forgery (SSRF)",
+ "cweId": "CWE-918"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "openhab",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "openhab-webui",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 4.2.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-v7gr-mqpj-wwh3",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-v7gr-mqpj-wwh3"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/backend/rest/ProxyResource.java#L83",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/backend/rest/ProxyResource.java#L83"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-v7gr-mqpj-wwh3",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 10,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
+ "version": "3.1"
 }
 ]
 }
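Review bot: The problemtype block lists only `CWE-918`, while the description also reports a script-injection path (the proxied response is rendered with the CometVisu UI's origin) and that the proxy endpoint needs no authentication, so consumers that filter advisories by CWE will miss the XSS aspect entirely. A second entry alongside the SSRF one, such as `{ "lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79" }`, would reflect what the text actually describes. The `S:C` scope change in the vector presumably rests on that browser-side execution reaching an admin's session, which is a further reason to classify it explicitly rather than leave it implied.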
diff --git a/2024/42xxx/CVE-2024-42468.json b/2024/42xxx/CVE-2024-42468.json
index 2874b71a90e..f0b40ffea1f 100644
--- a/2024/42xxx/CVE-2024-42468.json
+++ b/2024/42xxx/CVE-2024-42468.json
@@ -1,17 +1,95 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-42468",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. CometVisuServlet in versions prior to 4.2.1 is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This issue may lead to information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
+ "cweId": "CWE-22"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "openhab",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "openhab-webui",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 4.2.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-pcwp-26pw-j98w",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-pcwp-26pw-j98w"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/servlet/CometVisuServlet.java#L75",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/servlet/CometVisuServlet.java#L75"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-pcwp-26pw-j98w",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+ "version": "3.1"
 }
 ]
 }
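Review bot: The vector rates confidentiality `C:L` for an unauthenticated path traversal that, per the description, lets "local files on the server" be fetched over HTTP GET; arbitrary file read on the host usually warrants `C:H` unless the reachable set is constrained in a way the description does not state, for example bounded to the CometVisu resource directory. Either the score or the text should be reconciled: if the traversal is limited, say so in the description, e.g. `Files outside the CometVisu resource directory cannot be read.`; if it is not, `C:H` and the correspondingly higher base score is the more honest rating. As written, a reader will infer from 5.3/MEDIUM that this is minor, which it would not be if, say, a configuration file holding credentials were readable without authentication.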
diff --git a/2024/42xxx/CVE-2024-42469.json b/2024/42xxx/CVE-2024-42469.json
index 50a10e7f144..e8a6659ace0 100644
--- a/2024/42xxx/CVE-2024-42469.json
+++ b/2024/42xxx/CVE-2024-42469.json
@@ -1,17 +1,90 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-42469",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. Users should upgrade to version 4.2.1 to receive a patch."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
+ "cweId": "CWE-22"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "openhab",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "openhab-webui",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 4.2.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-f729-58x4-gqgf",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
 }
 ]
 }
diff --git a/2024/42xxx/CVE-2024-42470.json b/2024/42xxx/CVE-2024-42470.json
index 3868006fc1d..914fce55da5 100644
--- a/2024/42xxx/CVE-2024-42470.json
+++ b/2024/42xxx/CVE-2024-42470.json
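Review bot: The description leads with "file system endpoints don't require authentication" and only then mentions traversal in the update endpoint, yet the problemtype block records `CWE-22` alone; the missing-authentication precondition is what makes the traversal reachable by an unauthenticated attacker and deserves its own entry, e.g. `{ "lang": "eng", "value": "CWE-306: Missing Authentication for Critical Function", "cweId": "CWE-306" }`. Unlike the sibling records in this commit (CVE-2024-42467 and CVE-2024-42468 point at `ProxyResource.java` and `CometVisuServlet.java`), the references here carry no code pointer, so a triager cannot locate the affected file-update endpoint without reading the whole fix commit; a blob reference to the handler would help, if the advisory identifies it.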
@@ -1,17 +1,90 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-42470",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Several endpoints in versions prior to 4.2.1 of the CometVisu add-on of openHAB don't require authentication. This makes it possible for unauthenticated attackers to modify or to steal sensitive data. This issue may lead to sensitive information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-862: Missing Authorization",
+ "cweId": "CWE-862"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "openhab",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "openhab-webui",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 4.2.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-3g4c-hjhr-73rj",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-3g4c-hjhr-73rj"
+ },
+ {
+ "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2",
+ "refsource": "MISC",
+ "name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-3g4c-hjhr-73rj",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
+ "version": "3.1"
 }
 ]
 }
diff --git a/2024/7xxx/CVE-2024-7653.json b/2024/7xxx/CVE-2024-7653.json
new file mode 100644
index 00000000000..3801fef011e
--- /dev/null
+++ b/2024/7xxx/CVE-2024-7653.json
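Review bot: The problemtype says `CWE-862: Missing Authorization`, but the description says the endpoints "don't require authentication", which is CWE-306 (Missing Authentication for Critical Function); the two are routinely conflated in advisory feeds, and `"value": "CWE-306: Missing Authentication for Critical Function"` with `"cweId": "CWE-306"` would match the text. The description also names no endpoints ("Several endpoints"), and the three sibling records in this commit (CVE-2024-42467 through CVE-2024-42469) each already describe an unauthenticated CometVisu endpoint, so it is unclear from this record alone which endpoints it covers beyond those; if this is the umbrella record for the missing-authentication fix, a sentence saying so would keep it from being counted as a fourth distinct flaw. Confirm the CWE against the upstream advisory before changing the feed entry.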
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-7653",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/7xxx/CVE-2024-7654.json b/2024/7xxx/CVE-2024-7654.json
new file mode 100644
index 00000000000..8d1074398a5
--- /dev/null
+++ b/2024/7xxx/CVE-2024-7654.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-7654",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/7xxx/CVE-2024-7655.json b/2024/7xxx/CVE-2024-7655.json
new file mode 100644
index 00000000000..4e771c8b532
--- /dev/null
+++ b/2024/7xxx/CVE-2024-7655.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-7655",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file