admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/24xxx/CVE-2022-24950.json
CVE Team a33b046ef8
"-Synchronized-Data."
2023-02-16 19:00:35 +00:00

74 lines
2.7 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2022-02-10",
"ID": "CVE-2022-24950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jason Gauci",
"product": {
"product_data": [
{
"product_name": "Eternal Terminal",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "6.2.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race Condition (CWE-362)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3",
"url": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3"
},
{
"refsource": "MISC",
"name": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3",
"url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs)",
"url": "http://www.openwall.com/lists/oss-security/2023/02/16/1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink