admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-07-25 20:00:37 +00:00
parent 80e4b42eb3
commit 94476aecab
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
8 changed files with 537 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2024/1xxx/CVE-2024-1724.json
View File

@ -1,18 +1,81 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1724",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In snapd versions prior to 2.62, when using AppArmor for enforcement of \nsandbox permissions, snapd failed to restrict writes to the $HOME/bin\npath. In Ubuntu, when this path exists, it is automatically added to\nthe users PATH. An attacker who could convince a user to install a\nmalicious snap which used the 'home' plug could use this vulnerability\nto install arbitrary scripts into the users PATH which may then be run\nby the user outside of the expected snap sandbox and hence allow them\nto escape confinement."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Canonical",
"product": {
"product_data": [
{
"product_name": "snap",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.62"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6",
"refsource": "MISC",
"name": "https://github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6"
},
{
"url": "https://gld.mcphail.uk/posts/explaining-cve-2024-1724/",
"refsource": "MISC",
"name": "https://gld.mcphail.uk/posts/explaining-cve-2024-1724/"
},
{
"url": "https://github.com/snapcore/snapd/pull/13689",
"refsource": "MISC",
"name": "https://github.com/snapcore/snapd/pull/13689"
}
]
},
"credits": [
{
"lang": "en",
"value": "Neil McPhail"
}
]
}

84
2024/29xxx/CVE-2024-29068.json
View File

@ -1,17 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29068",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In snapd versions prior to 2.62, snapd failed to properly check the file\ntype when extracting a snap. The snap format is a squashfs file-system\nimage and so can contain files that are non-regular files (such as pipes \nor sockets etc). Various file entries within the snap squashfs image\n(such as icons etc) are directly read by snapd when it is extracted. An \nattacker who could convince a user to install a malicious snap which\ncontained non-regular files at these paths could then cause snapd to block\nindefinitely trying to read from such files and cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Canonical",
"product": {
"product_data": [
{
"product_name": "snapd",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.62"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/snapcore/snapd/commit/b66fee81606a1c05f965a876ccbaf44174194063",
"refsource": "MISC",
"name": "https://github.com/snapcore/snapd/commit/b66fee81606a1c05f965a876ccbaf44174194063"
},
{
"url": "https://github.com/snapcore/snapd/pull/13682",
"refsource": "MISC",
"name": "https://github.com/snapcore/snapd/pull/13682"
}
]
},
"credits": [
{
"lang": "en",
"value": "Zeyad Gouda"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
}
]
}

79
2024/29xxx/CVE-2024-29069.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29069",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In snapd versions prior to 2.62, snapd failed to properly check the\ndestination of symbolic links when extracting a snap. The snap format \nis a squashfs file-system image and so can contain symbolic links and\nother file types. Various file entries within the snap squashfs image\n(such as icons and desktop files etc) are directly read by snapd when\nit is extracted. An attacker who could convince a user to install a\nmalicious snap which contained symbolic links at these paths could then \ncause snapd to write out the contents of the symbolic link destination\ninto a world-readable directory. This in-turn could allow an unprivileged\nuser to gain access to privileged information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"cweId": "CWE-610"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Canonical",
"product": {
"product_data": [
{
"product_name": "snapd",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.62"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/snapcore/snapd/pull/13682",
"refsource": "MISC",
"name": "https://github.com/snapcore/snapd/pull/13682"
}
]
},
"credits": [
{
"lang": "en",
"value": "Zeyad Gouda"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
}
]
}

61
2024/38xxx/CVE-2024-38287.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38287",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-38287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.rhubcom.com/v5/manuals.html",
"refsource": "MISC",
"name": "https://www.rhubcom.com/v5/manuals.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/google/security-research/security/advisories/GHSA-c84v-4pjw-4mh2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-c84v-4pjw-4mh2"
}
]
}

61
2024/38xxx/CVE-2024-38288.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-38288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command-injection issue in the Certificate Signing Request (CSR) functionality in R-HUB TurboMeeting through 8.x allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying server as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.rhubcom.com/v5/manuals.html",
"refsource": "MISC",
"name": "https://www.rhubcom.com/v5/manuals.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/google/security-research/security/advisories/GHSA-gx6g-8mvx-3q5c",
"url": "https://github.com/google/security-research/security/advisories/GHSA-gx6g-8mvx-3q5c"
}
]
}

61
2024/38xxx/CVE-2024-38289.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-38289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.rhubcom.com/v5/manuals.html",
"refsource": "MISC",
"name": "https://www.rhubcom.com/v5/manuals.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/google/security-research/security/advisories/GHSA-vx5j-8pgx-v42v",
"url": "https://github.com/google/security-research/security/advisories/GHSA-vx5j-8pgx-v42v"
}
]
}

56
2024/40xxx/CVE-2024-40324.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40324",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/aleksey-vi/CVE-2024-40324",
"url": "https://github.com/aleksey-vi/CVE-2024-40324"
}
]
}

103
2024/6xxx/CVE-2024-6558.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6558",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HMS Industrial Networks\n\nAnybus-CompactCom 30 products are vulnerable to a XSS attack caused by the lack of input sanitation checks. As a consequence, it is possible to insert HTML code into input fields and store the HTML code. The stored HTML code will be embedded in the page and executed by host browser the next time the page is loaded, enabling social engineering attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HMS Industrial Networks",
"product": {
"product_data": [
{
"product_name": "Anybus-CompactCom 30",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-20",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-20"
},
{
"url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-05-17-001---anybus---compactcom-30-xss.pdf",
"refsource": "MISC",
"name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-05-17-001---anybus---compactcom-30-xss.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-193-20",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>HMS recommends users implement at least one of the following:</p><ul><li>Add password protection to all webpages served by the Anybus-CompactCom 30 module.</li><li>Disable or add the option to allow the end-user to disable the webserver in the AnybusCompactCom 30.</li><li>Make sure these products are used locally within a secure network utilizing proper network infrastructure controls. This will help ensure that unused or unnecessary protocols from unauthorized sources are blocked.</li><li>Ensure that control systems and devices are situated behind firewalls, ensuring their isolation from the corporate network.</li><li>Replace the Anybus-CompactCom 30 module with a Anybus-CompactCom 40 module.</li></ul><p>For more information see the associated <a target=\"_blank\" rel=\"nofollow\" href=\"https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-05-17-001---anybus---compactcom-30-xss.pdf\">HMS security advisory</a>.</p>\n\n<br>"
}
],
"value": "HMS recommends users implement at least one of the following:\n\n * Add password protection to all webpages served by the Anybus-CompactCom 30 module.\n * Disable or add the option to allow the end-user to disable the webserver in the AnybusCompactCom 30.\n * Make sure these products are used locally within a secure network utilizing proper network infrastructure controls. This will help ensure that unused or unnecessary protocols from unauthorized sources are blocked.\n * Ensure that control systems and devices are situated behind firewalls, ensuring their isolation from the corporate network.\n * Replace the Anybus-CompactCom 30 module with a Anybus-CompactCom 40 module.\n\n\nFor more information see the associated HMS security advisory https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-05-17-001---anybus---compactcom-30-xss.pdf ."
}
],
"credits": [
{
"lang": "en",
"value": "Vincenzo Giuseppe Colacino of Secoore reported this vulnerability to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}