admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/6xxx/CVE-2024-6048.json
CVE Team 3f77401e7d
"-Synchronized-Data."
2024-06-17 08:00:34 +00:00

144 lines
5.4 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-6048",
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email attachments. An unauthenticated remote attacker can exploit this vulnerability to inject system commands and execute them on the remote server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Openfind",
"product": {
"product_data": [
{
"product_name": "MailGates 5.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "Patch 5.2.10.094"
}
]
}
},
{
"product_name": "MailAudit 5.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "Patch 5.2.10.094"
}
]
}
},
{
"product_name": "MailGates 6.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "Patch 6.1.7.037"
}
]
}
},
{
"product_name": "MailAudit 6.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "Patch 6.1.7.037"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7885-a8013-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-7885-a8013-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-7886-20b61-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-7886-20b61-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202406016",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update MailGates/MailAudit v5.0 to Patch 5.2.10.094 or later.<br>Update MailAudit/MailAudit v6.0 to Patch 6.1.7.037 or later.<br>"
}
],
"value": "Update MailGates/MailAudit v5.0 to Patch 5.2.10.094 or later.\nUpdate MailAudit/MailAudit v6.0 to Patch 6.1.7.037 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink