mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
95 lines
3.2 KiB
JSON
95 lines
3.2 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-38749",
|
|
"ASSIGNER": "audit@patchstack.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
|
|
"cweId": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Olive Themes",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Olive One Click Demo Import",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "n/a",
|
|
"version_value": "1.1.2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-2-sensitive-data-exposure-vulnerability?_s_id=cve",
|
|
"refsource": "MISC",
|
|
"name": "https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-2-sensitive-data-exposure-vulnerability?_s_id=cve"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Peng Zhou (Patchstack Alliance)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |