mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
137 lines
5.5 KiB
JSON
137 lines
5.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-1033",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252308."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Eine problematische Schwachstelle wurde in openBI bis 1.0.8 entdeckt. Betroffen davon ist die Funktion agent der Datei /application/index/controller/Datament.php. Dank Manipulation des Arguments api mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-200 Information Disclosure",
|
|
"cweId": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "openBI",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.6"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0.8"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.252308",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.252308"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.252308",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.252308"
|
|
},
|
|
{
|
|
"url": "https://note.zhaoj.in/share/nD654ot6zRQZ",
|
|
"refsource": "MISC",
|
|
"name": "https://note.zhaoj.in/share/nD654ot6zRQZ"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "glzjin (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 4.3,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 4.3,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 4,
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
|
|
}
|
|
]
|
|
}
|
|
} |