admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-471xx/CVE-2024-47123.json

104 lines
3.8 KiB
JSON
Raw Normal View History

Auto-Update: 2024-09-26T20:00:17.550966+00:00
2024-09-26 20:03:19 +00:00
{
"id": "CVE-2024-47123",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-26T18:15:09.193",
Auto-Update: 2024-09-30T14:00:19.465883+00:00
2024-09-30 14:03:19 +00:00
"lastModified": "2024-09-30T12:46:20.237",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2024-09-26T20:00:17.550966+00:00
2024-09-26 20:03:19 +00:00
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to any attacker that can access the message."
Auto-Update: 2024-09-29T02:00:17.791047+00:00
2024-09-29 02:03:15 +00:00
},
{
"lang": "es",
"value": "La serie goTenna Pro utiliza el modo AES CTR para mensajes breves y cifrados sin ning\u00fan mecanismo de comprobaci\u00f3n de integridad adicional. Esto permite que los mensajes sean manipulables para cualquier atacante que pueda acceder a ellos."
Auto-Update: 2024-09-26T20:00:17.550966+00:00
2024-09-26 20:03:19 +00:00
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "ADJACENT",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 0.0
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-353"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}
Reference in New Issue Copy Permalink