admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-341xx/CVE-2024-34162.json

80 lines
3.0 KiB
JSON
Raw Normal View History

Auto-Update: 2024-11-26T09:01:03.364720+00:00
2024-11-26 09:04:13 +00:00
{
"id": "CVE-2024-34162",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-11-26T08:15:06.123",
"lastModified": "2024-11-26T08:15:06.123",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
Auto-Update: 2024-11-26T09:01:03.364720+00:00
2024-11-26 09:04:13 +00:00
"descriptions": [
{
"lang": "en",
"value": "The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to \"SIMPLE\", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
},
{
"lang": "es",
"value": "La interfaz web de los dispositivos afectados est\u00e1 dise\u00f1ada para ocultar las credenciales LDAP incluso para los usuarios administrativos. Pero al configurar la autenticaci\u00f3n LDAP en \"SIMPLE\", el dispositivo se comunica con el servidor LDAP en texto sin formato. La contrase\u00f1a LDAP se puede recuperar a partir de esta comunicaci\u00f3n en texto sin formato. En cuanto a los detalles de los nombres de los productos afectados, los n\u00fameros de modelo y las versiones, consulte la informaci\u00f3n proporcionada por los respectivos proveedores que se enumeran en [Referencias]."
Auto-Update: 2024-11-26T09:01:03.364720+00:00
2024-11-26 09:04:13 +00:00
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vultures@jpcert.or.jp",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "vultures@jpcert.or.jp",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-767"
}
]
}
],
"references": [
{
"url": "https://global.sharp/products/copier/info/info_security_2024-05.html",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://jp.sharp/business/print/information/info_security_2024-05.html",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93051062/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.toshibatec.co.jp/information/20240531_02.html",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.toshibatec.com/information/20240531_02.html",
"source": "vultures@jpcert.or.jp"
}
]
}
Reference in New Issue Copy Permalink