admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-25T14:00:49.744998+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-25 14:03:50 +00:00
parent a23e6c7447
commit 9b82876981
288 changed files with 3308 additions and 904 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
CVE-2023/CVE-2023-326xx/CVE-2023-32646.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32646",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:15:53.703",
"lastModified": "2024-02-14T15:01:51.137",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-25T13:54:38.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:virtual_raid_on_cpu:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.8.1001",
"matchCriteriaId": "EA2BC3F6-D484-4297-933F-C63A72D84CAC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00953.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-338xx/CVE-2023-33870.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33870",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:15:55.450",
"lastModified": "2024-02-14T15:01:51.137",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-25T13:51:32.943",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -51,10 +81,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:administrative_tools_for_intel_network_adapters:*:*:*:*:*:*:*:*",
"versionEndExcluding": "28.2",
"matchCriteriaId": "4BE6A5BE-15C0-4D4E-B2BC-474D9B246D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:ethernet_connections_boot_utility\\,_preboot_images\\,_and_efi_drivers:*:*:*:*:*:*:*:*",
"versionEndExcluding": "28.2",
"matchCriteriaId": "D0548F47-3524-41AD-86E2-98E1FF4A6921"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00993.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-503xx/CVE-2023-50355.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-50355",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-10-23T23:15:12.170",
"lastModified": "2024-10-23T23:15:12.170",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack."
},
{
"lang": "es",
"value": "HCL Sametime se ve afectado por los mensajes de error que contienen informaci\u00f3n confidencial. Un atacante puede usar esta informaci\u00f3n para lanzar otro ataque m\u00e1s espec\u00edfico."
}
],
"metrics": {

8
CVE-2024/CVE-2024-100xx/CVE-2024-10011.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10011",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T07:15:02.637",
"lastModified": "2024-10-25T07:15:02.637",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory and enables file uploads to directories outside of the web root. Depending on server configuration it may be possible to upload files with double extensions. This vulnerability only affects Windows."
},
{
"lang": "es",
"value": "El complemento BuddyPress para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 14.1.0 incluida a trav\u00e9s del par\u00e1metro id. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, realicen acciones en archivos fuera del directorio originalmente previsto y permite cargar archivos en directorios fuera de la ra\u00edz web. Seg\u00fan la configuraci\u00f3n del servidor, es posible cargar archivos con doble extensi\u00f3n. Esta vulnerabilidad solo afecta a Windows."
}
],
"metrics": {

8
CVE-2024/CVE-2024-100xx/CVE-2024-10016.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10016",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T09:15:03.153",
"lastModified": "2024-10-25T09:15:03.153",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The File Upload Types by WPForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
},
{
"lang": "es",
"value": "El complemento File Upload Types de WPForms para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 1.4.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG."
}
],
"metrics": {

8
CVE-2024/CVE-2024-100xx/CVE-2024-10050.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10050",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-24T09:15:02.747",
"lastModified": "2024-10-24T09:15:02.747",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft, Private and Password-protected posts they do not own."
},
{
"lang": "es",
"value": "El complemento Elementor Header & Footer Builder para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.6.43 incluida a trav\u00e9s del c\u00f3digo corto hfe_template. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, vean el contenido de publicaciones en borrador, privadas y protegidas con contrase\u00f1a que no son de su propiedad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-101xx/CVE-2024-10112.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10112",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T09:15:04.023",
"lastModified": "2024-10-25T09:15:04.023",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Simple News plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'news' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Simple News para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado \"news\" del complemento en todas las versiones hasta la 2.8 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-101xx/CVE-2024-10148.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10148",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T07:15:03.000",
"lastModified": "2024-10-25T07:15:03.000",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Awesome buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn2 shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Awesome Buttons para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo corto btn2 del complemento en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-101xx/CVE-2024-10150.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10150",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T08:15:02.243",
"lastModified": "2024-10-25T08:15:02.243",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bamazoo \u2013 Button Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dgs shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Bamazoo \u2013 Button Generator para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo corto dgs del complemento en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-101xx/CVE-2024-10176.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10176",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-24T11:15:14.057",
"lastModified": "2024-10-24T11:15:14.057",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Compact WP Audio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's \r\nsc_embed_player shortcode in all versions up to, and including, 1.9.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Compact WP Audio Player para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo corto sc_embed_player del complemento en todas las versiones hasta la 1.9.13 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-101xx/CVE-2024-10180.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10180",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-24T13:15:11.537",
"lastModified": "2024-10-24T13:15:11.537",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form 7 \u2013 Repeatable Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's field_group shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Contact Form 7 \u2013 Repeatable Fields para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del shortcode field_group del complemento en todas las versiones hasta la 2.0.1 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10282.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10282",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T15:15:29.590",
"lastModified": "2024-10-23T15:15:29.590",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Tenda RX9 y RX9 Pro 22.03.02.10/22.03.02.20. La funci\u00f3n sub_42EA38 del archivo /goform/SetVirtualServerCfg se ve afectada por esta vulnerabilidad. La manipulaci\u00f3n de la lista de argumentos provoca un desbordamiento del b\u00fafer basado en la pila. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10283.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10283",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T15:15:29.850",
"lastModified": "2024-10-23T15:15:29.850",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Tenda RX9 y RX9 Pro 22.03.02.20. La funci\u00f3n sub_4337EC del archivo /goform/SetNetControlList se ve afectada por este problema. La manipulaci\u00f3n de la lista de argumentos provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10290.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10290",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T15:15:30.110",
"lastModified": "2024-10-23T15:15:30.110",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in ZZCMS 2023. This affects an unknown part of the file 3/qq-connect2.0/API/com/inc.php. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "En ZZCMS 2023 se ha detectado una vulnerabilidad clasificada como problem\u00e1tica que afecta a una parte desconocida del archivo 3/qq-connect2.0/API/com/inc.php. La manipulaci\u00f3n da lugar a la divulgaci\u00f3n de informaci\u00f3n. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10291.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10291",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:04.597",
"lastModified": "2024-10-23T16:15:04.597",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en ZZCMS 2023 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n Ebak_DoExecSQL/Ebak_DotranExecutSQL del archivo 3/Ebak5.1/upload/phome.php. La manipulaci\u00f3n del argumento phome conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10292.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10292",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:04.943",
"lastModified": "2024-10-23T16:15:04.943",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en ZZCMS 2023 y se ha clasificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo 3/Ebak5.1/upload/ChangeTable.php. La manipulaci\u00f3n del argumento savefilename provoca una carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10293.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10293",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:05.207",
"lastModified": "2024-10-23T16:15:05.207",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en ZZCMS 2023. Se ha clasificado como cr\u00edtica. La funci\u00f3n Ebak_SetGotoPak del archivo 3/Ebbak5.1/upload/class/functions.php est\u00e1 afectada. La manipulaci\u00f3n del archivo de argumentos provoca una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10295.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10295",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-24T18:15:05.597",
"lastModified": "2024-10-24T19:35:03.070",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en Gateway. El env\u00edo de una autenticaci\u00f3n \"b\u00e1sica\" que no sea base64 con caracteres especiales puede provocar que APICast autentique incorrectamente una solicitud. Un encabezado de autenticaci\u00f3n b\u00e1sica mal formado que contenga caracteres especiales omite la autenticaci\u00f3n y permite el acceso no autorizado al backend. Este problema puede ocurrir debido a una falla en el proceso de decodificaci\u00f3n base64, que hace que APICast omita el resto de las comprobaciones de autenticaci\u00f3n y proceda a enrutar la solicitud en sentido ascendente."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10296.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10296",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T17:15:13.690",
"lastModified": "2024-10-23T17:15:13.690",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en PHPGurukul Medical Card Generation System 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /admin/card-bwdates-reports-details.php del componente Report of Medical Card Page. La manipulaci\u00f3n del argumento fromdate/todate conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10297.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10297",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T18:15:05.137",
"lastModified": "2024-10-23T18:15:05.137",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en PHPGurukul Medical Card Generation System 1.0. Se ha calificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /admin/changeimage.php del componente Managecard Edit Image Page. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10298.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10298",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T19:15:14.920",
"lastModified": "2024-10-23T19:15:14.920",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Medical Card Generation System 1.0. Afecta a una parte desconocida del archivo /admin/edit-card-detail.php del componente Managecard Edit Card Detail Page. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10299.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10299",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T19:15:15.183",
"lastModified": "2024-10-23T19:15:15.183",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Medical Card Generation System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/view-card-detail.php del componente Managecard View Detail Page. La manipulaci\u00f3n del argumento viewid conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10300.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10300",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T20:15:05.060",
"lastModified": "2024-10-23T20:15:05.060",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Medical Card Generation System 1.0. Este problema afecta a algunos procesos desconocidos del archivo /admin/view-enquiry.php del componente View Enquiry Page. La manipulaci\u00f3n del argumento viewid provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10301.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10301",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T20:15:05.310",
"lastModified": "2024-10-23T20:15:05.310",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Medical Card Generation System 1.0. Se trata de una funci\u00f3n desconocida del archivo /admin/search-medicalcard.php del componente Search. La manipulaci\u00f3n del argumento searchdata provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10313.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10313",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-10-24T18:15:05.920",
"lastModified": "2024-10-24T18:15:05.920",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal \nvulnerability. When the software loads a malicious \u2018ems' project \ntemplate file constructed by an attacker, it can write files to \narbitrary directories. This can lead to overwriting system files, \ncausing system paralysis, or writing to startup items, resulting in \nremote control."
},
{
"lang": "es",
"value": "El editor HMI para PC de SCADA SpiderControl de iniNet Solutions tiene una vulnerabilidad de path traversal. Cuando el software carga un archivo de plantilla de proyecto 'ems' malicioso creado por un atacante, puede escribir archivos en directorios arbitrarios. Esto puede provocar la sobrescritura de archivos del sistema, lo que provoca una par\u00e1lisis del sistema o la escritura en elementos de inicio, lo que da como resultado el control remoto."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10327.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10327",
"sourceIdentifier": "psirt@okta.com",
"published": "2024-10-24T21:15:11.730",
"lastModified": "2024-10-24T21:15:11.730",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user\u2019s selection. When a user long-presses the notification banner and selects an option, both options allow the authentication to succeed. \nThe ContextExtension feature is one of several push mechanisms available when using Okta Verify Push on iOS devices. The vulnerable flows include: \n* When a user is presented with a notification on a locked screen, the user presses on the notification directly and selects their reply without unlocking the device; \n* When a user is presented with a notification on the home screen and drags the notification down and selects their reply; \n* When an Apple Watch is used to reply directly to a notification. \n\n A pre-condition for this vulnerability is that the user must have enrolled in Okta Verify while the Okta customer was using Okta Classic. This applies irrespective of whether the organization has since upgraded to Okta Identity Engine."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Okta Verify para las versiones iOS 9.25.1 (beta) y 9.27.0 (incluida la beta) permite respuestas de notificaciones push a trav\u00e9s de la funci\u00f3n ContextExtension de iOS, lo que permite que la autenticaci\u00f3n contin\u00fae independientemente de la selecci\u00f3n del usuario. Cuando un usuario presiona prolongadamente el banner de notificaci\u00f3n y selecciona una opci\u00f3n, ambas opciones permiten que la autenticaci\u00f3n se realice correctamente. La funci\u00f3n ContextExtension es uno de los varios mecanismos push disponibles al usar Okta Verify Push en dispositivos iOS. Los flujos vulnerables incluyen: * Cuando a un usuario se le presenta una notificaci\u00f3n en una pantalla bloqueada, el usuario presiona la notificaci\u00f3n directamente y selecciona su respuesta sin desbloquear el dispositivo; * Cuando a un usuario se le presenta una notificaci\u00f3n en la pantalla de inicio y arrastra la notificaci\u00f3n hacia abajo y selecciona su respuesta; * Cuando se usa un Apple Watch para responder directamente a una notificaci\u00f3n. Una condici\u00f3n previa para esta vulnerabilidad es que el usuario debe haberse registrado en Okta Verify mientras el cliente de Okta usaba Okta Classic. Esto se aplica independientemente de si la organizaci\u00f3n se ha actualizado desde entonces a Okta Identity Engine."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10331.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10331",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T11:15:14.327",
"lastModified": "2024-10-24T11:15:14.327",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record System 1.0. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como cr\u00edtica, en PHPGurukul Vehicle Record System 1.0. Este problema afecta a algunos procesos desconocidos del archivo /admin/search-vehicle.php. La manipulaci\u00f3n del argumento searchinputdata conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10332.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10332",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-10-24T13:15:11.830",
"lastModified": "2024-10-24T13:15:11.830",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability has been found in Janto v4.3r11 from Impronta. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the endpoint \u201c/abonados/public/janto/main.php\u201d."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de tipo Cross-Site Scripting en Janto v4.3r11 de Impronta. Esta vulnerabilidad permite a un atacante ejecutar c\u00f3digo JavaScript en el navegador de la v\u00edctima envi\u00e1ndole una URL maliciosa mediante el endpoint \u201c/abonados/public/janto/main.php\u201d."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10335.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10335",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T17:15:14.823",
"lastModified": "2024-10-24T17:15:14.823",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Garbage Collection Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter \"username\" to be affected. But it must be assumed that the parameter \"password\" is affected as well."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodester Garbage Collection Management System 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo login.php. La manipulaci\u00f3n del argumento nombre de usuario/contrase\u00f1a provoca una inyecci\u00f3n SQL. El ataque se puede iniciar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El aviso inicial para investigadores solo menciona que el par\u00e1metro \"nombre de usuario\" se ver\u00e1 afectado, pero se debe asumir que el par\u00e1metro \"contrase\u00f1a\" tambi\u00e9n se ver\u00e1 afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10336.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10336",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T17:15:15.143",
"lastModified": "2024-10-24T17:15:15.143",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php of the component Admin Login Page. The manipulation of the argument t1 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodeHero Clothes Recommendation System 1.0. Se ha calificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo /admin/index.php del componente Admin Login Page. La manipulaci\u00f3n del argumento t1 conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10337.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10337",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T18:15:06.170",
"lastModified": "2024-10-24T18:15:06.170",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodeHero Clothes Recommendation System 1.0. Se ve afectada una funci\u00f3n desconocida del archivo /admin/home.php?con=add. La manipulaci\u00f3n del argumento cat/subcat/t1/t2/text provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10338.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10338",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T18:15:06.437",
"lastModified": "2024-10-24T18:15:06.437",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodeHero Clothes Recommendation System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/home.php. The manipulation of the argument view/view1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodeHero Clothes Recommendation System 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /admin/home.php. La manipulaci\u00f3n del argumento view/view1 conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10341.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10341",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T08:15:02.467",
"lastModified": "2024-10-25T08:15:02.467",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The League of Legends Shortcodes plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento League of Legends Shortcodes para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del c\u00f3digo corto del complemento en versiones hasta la 1.0.1 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados con permisos de nivel de colaborador y superiores agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10342.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10342",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T08:15:02.670",
"lastModified": "2024-10-25T08:15:02.670",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The League of Legends Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento League of Legends Shortcodes para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de shortcodes en versiones hasta la 1.0.1 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en atributos proporcionados por el usuario. Esto permite que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10343.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10343",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T09:15:04.637",
"lastModified": "2024-10-25T09:15:04.637",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Beek Widget Extention plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 0.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Beek Widget Extention para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de c\u00f3digos cortos en versiones hasta la 0.9.5 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en atributos proporcionados por el usuario. Esto permite que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10348.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10348",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T22:15:03.040",
"lastModified": "2024-10-24T22:15:03.040",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only shows the field \"Last Name\" to be affected. Other fields might be affected as well."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodester Best House Rental Management System 1.0. Se ha clasificado como problem\u00e1tica. Afecta a una parte desconocida del archivo /index.php?page=tenants del componente Manage Tenant Details. La manipulaci\u00f3n del argumento Last Name/First Name/Middle Name provoca cross-site scripting. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El aviso inicial para investigadores solo muestra que el campo \"Last Name\" se ver\u00e1 afectado. Tambi\u00e9n podr\u00edan verse afectados otros campos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10349.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10349",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T22:15:03.410",
"lastModified": "2024-10-24T22:15:03.410",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function delete_tenant of the file /ajax.php?action=delete_tenant. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodester Best House Rental Management System 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n delete_tenant del archivo /ajax.php?action=delete_tenant. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10350.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10350",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T23:15:13.250",
"lastModified": "2024-10-24T23:15:13.250",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en code-projects Hospital Management System 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/add-doctor.php. La manipulaci\u00f3n del argumento docname conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10351.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10351",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T00:15:02.533",
"lastModified": "2024-10-25T00:15:02.533",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Tenda RX9 Pro 22.03.02.20. Se ha calificado como cr\u00edtica. Este problema afecta a la funci\u00f3n sub_424CE0 del archivo /goform/setMacFilterCfg del componente POST Request Handler. La manipulaci\u00f3n del argumento deviceList provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10353.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10353",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T00:15:02.800",
"lastModified": "2024-10-25T00:15:02.800",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This affects a different product and is a different issue than CVE-2024-40480."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Online Exam System 1.0. Se ve afectada una funci\u00f3n desconocida del archivo /admin-dashboard. La manipulaci\u00f3n conduce a controles de acceso inadecuados. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Afecta a un producto diferente y es un problema diferente a CVE-2024-40480."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10354.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10354",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T01:15:13.213",
"lastModified": "2024-10-25T01:15:13.213",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Petrol Pump Management Software 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /admin/print.php. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10355.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10355",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T01:15:13.497",
"lastModified": "2024-10-25T01:15:13.497",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como cr\u00edtica, en SourceCodester Petrol Pump Management Software 1.0. Este problema afecta a algunas funciones desconocidas del archivo /admin/invoice.php. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10368.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10368",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T02:15:02.327",
"lastModified": "2024-10-25T02:15:02.327",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Codezips Sales Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /addstock.php. The manipulation of the argument prodtype leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Codezips Sales Management System 1.0. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /addstock.php. La manipulaci\u00f3n del argumento prodtype provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10369.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10369",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T02:15:02.613",
"lastModified": "2024-10-25T02:15:02.613",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addcustcom.php. The manipulation of the argument refno leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Codezips Sales Management System 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /addcustcom.php. La manipulaci\u00f3n del argumento refno provoca una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10370.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10370",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T02:15:02.910",
"lastModified": "2024-10-25T02:15:02.910",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Codezips Sales Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcustind.php. The manipulation of the argument refno leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Codezips Sales Management System 1.0. Se ha calificado como cr\u00edtica. Este problema afecta a algunas funciones desconocidas del archivo /addcustind.php. La manipulaci\u00f3n del argumento refno provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10371.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10371",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T02:15:03.280",
"lastModified": "2024-10-25T02:15:03.280",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Payroll Management System 1.0. Afecta a la funci\u00f3n login del archivo main. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10372.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10372",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T02:15:03.597",
"lastModified": "2024-10-25T02:15:03.597",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. This vulnerability affects the function download_model of the file buzz/model_loader.py. The manipulation leads to insecure temporary file. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en chidiwilliams buzz 1.1.0. Esta vulnerabilidad afecta a la funci\u00f3n download_model del archivo buzz/model_loader.py. La manipulaci\u00f3n genera un archivo temporal inseguro. Es posible lanzar el ataque en el host local. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece ser dif\u00edcil. El exploit ha sido revelado al p\u00fablico y puede usarse. El proveedor fue contactado con anticipaci\u00f3n sobre esta revelaci\u00f3n pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

64
CVE-2024/CVE-2024-103xx/CVE-2024-10374.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-10374",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-25T12:15:02.410",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up to, and including, 3.4.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3172530/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wp-members/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ea93a49-0e1a-4a24-8f6b-03e624f517d4?source=cve",
"source": "security@wordfence.com"
}
]
}

4
CVE-2024/CVE-2024-103xx/CVE-2024-10376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10376",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T11:15:15.037",
"lastModified": "2024-10-25T11:15:15.037",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-103xx/CVE-2024-10377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10377",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T11:15:15.920",
"lastModified": "2024-10-25T11:15:15.920",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

137
CVE-2024/CVE-2024-103xx/CVE-2024-10378.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10378",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T12:15:02.650",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in ESAFENET CDG 5. Affected is the function actionViewCDGRenewFile of the file /com/esafenet/servlet/client/CDGRenewApplicationService.java. The manipulation of the argument CDGRenewFileId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://flowus.cn/share/5d03f1d5-695a-421b-8445-2273774ea97a?code=G8A6P3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281808",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281808",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.426086",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-103xx/CVE-2024-10379.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10379",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T12:15:02.890",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument decryptFileId with the input ../../../Windows/System32/drivers/etc/hosts leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The affected function has a typo and is missing an R. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-24"
}
]
}
],
"references": [
{
"url": "https://flowus.cn/share/0b03c61a-76a5-4f45-9ee7-a88e0f21d539?code=G8A6P3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281809",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281809",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.426087",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-103xx/CVE-2024-10380.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10380",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T13:15:17.547",
"lastModified": "2024-10-25T13:15:17.547",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/ajax_product.php. The manipulation of the argument drop_services leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/K1nako0/tmp_vuln5/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281810",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281810",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.431174",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

78
CVE-2024/CVE-2024-103xx/CVE-2024-10381.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-10381",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2024-10-25T13:15:17.810",
"lastModified": "2024-10-25T13:15:17.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow remote attacker to gain unauthorized access and take complete control of the targeted device."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
}
}
]
},
"weaknesses": [
{
"source": "vdisclose@cert-in.org.in",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0328",
"source": "vdisclose@cert-in.org.in"
}
]
}

8
CVE-2024/CVE-2024-202xx/CVE-2024-20260.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20260",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:13.950",
"lastModified": "2024-10-23T17:15:13.950",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory, which could cause SSL VPN connection processing to slow down and eventually cease all together.\r\n\r\nThis vulnerability is due to a lack of proper memory management for new incoming SSL/TLS connections on the virtual platforms. An attacker could exploit this vulnerability by sending a large number of new incoming SSL/TLS connections to the targeted virtual platform. A successful exploit could allow the attacker to deplete system memory, resulting in a denial of service (DoS) condition. The memory could be reclaimed slowly if the attack traffic is stopped, but a manual reload may be required to restore operations quickly."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los servidores web de administraci\u00f3n y VPN de las plataformas Cisco Adaptive Security Virtual Appliance (ASAv) y Cisco Secure Firewall Threat Defense Virtual (FTDv), anteriormente Cisco Firepower Threat Defense Virtual, podr\u00eda permitir que un atacante remoto no autenticado provoque que los dispositivos virtuales se queden sin memoria del sistema, lo que podr\u00eda hacer que el procesamiento de la conexi\u00f3n SSL VPN se ralentice y, finalmente, cese por completo. Esta vulnerabilidad se debe a la falta de una administraci\u00f3n de memoria adecuada para las nuevas conexiones SSL/TLS entrantes en las plataformas virtuales. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una gran cantidad de nuevas conexiones SSL/TLS entrantes a la plataforma virtual de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante agotar la memoria del sistema, lo que dar\u00eda como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La memoria podr\u00eda recuperarse lentamente si se detiene el tr\u00e1fico del ataque, pero puede ser necesaria una recarga manual para restaurar las operaciones r\u00e1pidamente."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20264.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20264",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.180",
"lastModified": "2024-10-23T17:15:14.180",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20268.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20268",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.387",
"lastModified": "2024-10-23T17:15:14.387",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device.\r\n\r\nThis vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de protocolo simple de administraci\u00f3n de redes (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado provoque una recarga inesperada del dispositivo. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de los paquetes SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado mediante IPv4 o IPv6. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo afectado se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad afecta a todas las versiones de SNMP (versiones 1, 2c y 3) y requiere una cadena de comunidad SNMP v\u00e1lida o credenciales de usuario SNMPv3 v\u00e1lidas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20269.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20269",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.610",
"lastModified": "2024-10-23T17:15:14.610",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20273.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20273",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.813",
"lastModified": "2024-10-23T17:15:14.813",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20274.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20274",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.027",
"lastModified": "2024-10-23T17:15:15.027",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.\r\n\r\nThis vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado inyecte contenido HTML arbitrario en un documento generado por el dispositivo. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los datos proporcionados por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando contenido malicioso a un dispositivo afectado y utilizando el dispositivo para generar un documento que contenga informaci\u00f3n confidencial. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante alterar el dise\u00f1o est\u00e1ndar de los documentos generados por el dispositivo, acceder a archivos arbitrarios del sistema operativo subyacente y realizar ataques de server-side request forgery (SSRF). Para aprovechar esta vulnerabilidad con \u00e9xito, un atacante necesitar\u00eda credenciales v\u00e1lidas para una cuenta de usuario con permisos de edici\u00f3n de pol\u00edticas, como administrador de red, administrador de intrusiones o cualquier funci\u00f3n de usuario personalizada con las mismas capacidades."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20275.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20275",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.237",
"lastModified": "2024-10-23T17:15:15.237",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system.\r\n\r\nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de copia de seguridad de cl\u00faster del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema operativo subyacente. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los datos de usuario que se suministran a trav\u00e9s de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios del sistema operativo en el dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales v\u00e1lidas para una cuenta de usuario con al menos el rol de administrador de red. Adem\u00e1s, el atacante necesitar\u00eda persuadir a un usuario leg\u00edtimo para que inicie una copia de seguridad de cl\u00faster en el dispositivo afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20297.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20297",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.437",
"lastModified": "2024-10-23T17:15:15.437",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el firewall AnyConnect para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda haber sido denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico en el llenado de las ACL de grupo cuando un cliente AnyConnect establece una nueva sesi\u00f3n hacia un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n AnyConnect con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20298.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20298",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.710",
"lastModified": "2024-10-23T17:15:15.710",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20299.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20299",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:16.900",
"lastModified": "2024-10-23T17:15:16.900",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el firewall AnyConnect para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda haber sido denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico en el llenado de las ACL de grupo cuando un cliente AnyConnect establece una nueva sesi\u00f3n hacia un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n AnyConnect con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20300.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20300",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.253",
"lastModified": "2024-10-23T17:15:17.253",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20329.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20329",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.457",
"lastModified": "2024-10-23T17:15:17.457",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el subsistema SSH del software Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto autenticado ejecute comandos del sistema operativo como superusuario. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada manipulada al ejecutar comandos remotos de CLI a trav\u00e9s de SSH. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos en el sistema operativo subyacente con privilegios de nivel superusuario. Un atacante con privilegios de usuario limitados podr\u00eda usar esta vulnerabilidad para obtener control total sobre el sistema."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20330.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20330",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.663",
"lastModified": "2024-10-23T17:15:17.663",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.\r\n\r\nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.\r\nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el motor de detecci\u00f3n de TCP y UDP Snort 2 y Snort 3 del software Cisco Firepower Threat Defense (FTD) para los dispositivos Cisco Firepower de la serie 2100 podr\u00eda permitir que un atacante remoto no autenticado provoque da\u00f1os en la memoria, lo que podr\u00eda provocar que el motor de detecci\u00f3n de Snort se reinicie inesperadamente. Esta vulnerabilidad se debe a una administraci\u00f3n de memoria inadecuada cuando el motor de detecci\u00f3n de Snort procesa paquetes TCP o UDP espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes TCP o UDP manipulados a trav\u00e9s de un dispositivo que est\u00e9 inspeccionando el tr\u00e1fico mediante el motor de detecci\u00f3n de Snort. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante reiniciar el motor de detecci\u00f3n de Snort repetidamente, lo que podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La condici\u00f3n de DoS afecta solo al tr\u00e1fico a trav\u00e9s del dispositivo que examina el motor de detecci\u00f3n de Snort. El dispositivo a\u00fan se puede administrar a trav\u00e9s de la red. Nota: Una vez que se da\u00f1a un bloque de memoria, no se puede borrar hasta que se vuelva a cargar manualmente el dispositivo Cisco Firepower de la serie 2100. Esto significa que el motor de detecci\u00f3n de Snort podr\u00eda fallar repetidamente, provocando que el tr\u00e1fico procesado por el motor de detecci\u00f3n de Snort se descarte hasta que el dispositivo se vuelva a cargar manualmente."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20331.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20331",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.870",
"lastModified": "2024-10-23T17:15:17.870",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating.\r\n\r\nThis vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de autenticaci\u00f3n de sesi\u00f3n de la funci\u00f3n VPN SSL de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado impida que los usuarios se autentiquen. Esta vulnerabilidad se debe a una entrop\u00eda insuficiente en el proceso de autenticaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad determinando el identificador de un usuario que se autentica y utiliz\u00e1ndolo para finalizar su sesi\u00f3n de autenticaci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obligar a un usuario a reiniciar el proceso de autenticaci\u00f3n, lo que impedir\u00eda que un usuario leg\u00edtimo estableciera sesiones VPN de acceso remoto."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20339.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20339",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.097",
"lastModified": "2024-10-23T17:15:18.097",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de procesamiento de TLS del software Cisco Firepower Threat Defense (FTD) para la serie Cisco Firepower 2100 podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un problema que ocurre cuando se procesa el tr\u00e1fico TLS. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando cierto tr\u00e1fico TLS a trav\u00e9s de IPv4 a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que genera una condici\u00f3n de DoS y afecta el tr\u00e1fico hacia y a trav\u00e9s del dispositivo afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20340.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20340",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.300",
"lastModified": "2024-10-23T17:15:18.300",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, an attacker must have a valid account on the device with the role of Security Approver, Intrusion Admin, Access Admin, or Network Admin.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to read the contents of databases on the affected device and also obtain limited read access to the underlying operating system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado realice un ataque de inyecci\u00f3n SQL contra un dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante debe tener una cuenta v\u00e1lida en el dispositivo con el rol de aprobador de seguridad, administrador de intrusiones, administrador de acceso o administrador de red. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer el contenido de las bases de datos en el dispositivo afectado y tambi\u00e9n obtener acceso de lectura limitado al sistema operativo subyacente."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20341.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20341",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.493",
"lastModified": "2024-10-23T17:15:18.493",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de servicios de cliente web VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un navegador que est\u00e9 accediendo a un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario a los endpoints de la aplicaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que siga un enlace manipulado para enviar una entrada maliciosa a la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo HTML o script arbitrario en el navegador en el contexto de la p\u00e1gina de servicios web."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20342.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20342",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.703",
"lastModified": "2024-10-23T17:15:18.703",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.\r\n\r\nThis vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device."
},
{
"lang": "es",
"value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en la funci\u00f3n de filtrado de velocidad del motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado eluda un filtro de limitaci\u00f3n de velocidad configurado. Esta vulnerabilidad se debe a una comparaci\u00f3n incorrecta del recuento de conexiones. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s de un dispositivo afectado a una velocidad que supere un filtro de velocidad configurado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante eluda con \u00e9xito el filtro de velocidad. Esto podr\u00eda permitir que el tr\u00e1fico no deseado ingrese a la red protegida por el dispositivo afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20351.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20351",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.913",
"lastModified": "2024-10-23T17:15:18.913",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de manejo de tr\u00e1fico TCP/IP del motor de detecci\u00f3n Snort del software Cisco Firepower Threat Defense (FTD) y los servicios Cisco FirePOWER podr\u00eda permitir que un atacante remoto no autenticado provoque la p\u00e9rdida de tr\u00e1fico leg\u00edtimo de la red, lo que dar\u00eda lugar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a un manejo inadecuado del tr\u00e1fico de red TCP/IP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una gran cantidad de tr\u00e1fico de red TCP/IP a trav\u00e9s del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el dispositivo Cisco FTD pierda tr\u00e1fico de red, lo que dar\u00eda lugar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). El dispositivo afectado debe reiniciarse para resolver la condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20364.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20364",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:05.427",
"lastModified": "2024-10-23T18:15:05.427",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20370.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20370",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:05.637",
"lastModified": "2024-10-23T18:15:05.637",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Cisco FXOS CLI en plataformas de hardware espec\u00edficas para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante local autenticado eleve sus privilegios administrativos a superusuario. El atacante necesitar\u00eda credenciales administrativas v\u00e1lidas en el dispositivo para explotar esta vulnerabilidad. Esta vulnerabilidad existe porque ciertas configuraciones del sistema y archivos ejecutables tienen almacenamiento y permisos inseguros. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo y luego realizando una serie de pasos que incluyen la descarga de archivos de sistema maliciosos y el acceso a la CLI de Cisco FXOS para configurar el ataque. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener acceso como superusuario en el dispositivo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20372.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20372",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:05.863",
"lastModified": "2024-10-23T18:15:05.863",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20374.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20374",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:06.100",
"lastModified": "2024-10-23T18:15:06.100",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.\r\n\r This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the Cisco FMC web-based management interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado con privilegios de nivel de administrador ejecute comandos arbitrarios en el sistema operativo subyacente. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de ciertos par\u00e1metros de solicitud HTTP que se env\u00edan a la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la interfaz de administraci\u00f3n basada en web de Cisco FMC y enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos como usuario ra\u00edz en el dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales de nivel de administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20377.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20377",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:06.327",
"lastModified": "2024-10-23T18:15:06.327",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to the web-based management interface not properly validating user-supplied input. An attacker could exploit this vulnerability by by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz. Esta vulnerabilidad se debe a que la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20379.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20379",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:06.553",
"lastModified": "2024-10-23T18:15:06.553",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system.\r\n\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system of the affected device. The attacker would need valid user credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado lea archivos arbitrarios del sistema operativo subyacente. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer archivos arbitrarios en el sistema operativo subyacente del dispositivo afectado. El atacante necesitar\u00eda credenciales de usuario v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20382.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20382",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:06.780",
"lastModified": "2024-10-23T18:15:06.780",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de servicios de cliente web VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un navegador que est\u00e9 accediendo a un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario a los endpoints de la aplicaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que siga un enlace dise\u00f1ado para enviar una entrada maliciosa a la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo HTML o script arbitrario en el navegador en el contexto de la p\u00e1gina de servicios web."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20384.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20384",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:07.030",
"lastModified": "2024-10-23T18:15:07.030",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device.\r\n\r This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Network Service Group (NSG) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda estar denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico que ocurre cuando se completan las ACL de NSG en un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20386.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20386",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:07.257",
"lastModified": "2024-10-23T18:15:07.257",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20387.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20387",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:07.480",
"lastModified": "2024-10-23T18:15:07.480",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to conduct a stored XSS attack on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web de Cisco FMC Software podr\u00eda permitir que un atacante remoto autenticado almacene contenido malicioso para usarlo en ataques XSS. Esta vulnerabilidad se debe a una desinfecci\u00f3n de entrada incorrecta en la interfaz de administraci\u00f3n basada en la web de Cisco FMC Software. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un enlace malicioso. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar un ataque XSS almacenado en un dispositivo afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20388.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20388",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:07.697",
"lastModified": "2024-10-23T18:15:07.697",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.\r\n\r This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de cambio de contrase\u00f1a del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado determine nombres de usuario v\u00e1lidos en un dispositivo afectado. Esta vulnerabilidad se debe a una autenticaci\u00f3n incorrecta de las respuestas de actualizaci\u00f3n de contrase\u00f1a. Un atacante podr\u00eda aprovechar esta vulnerabilidad al forzar el restablecimiento de contrase\u00f1a en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante determinar nombres de usuario v\u00e1lidos en la respuesta no autenticada a un restablecimiento forzado de contrase\u00f1a."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20402.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20402",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:07.930",
"lastModified": "2024-10-23T18:15:07.930",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n SSL VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado haga que un dispositivo afectado se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a un error l\u00f3gico en la administraci\u00f3n de la memoria cuando el dispositivo est\u00e1 manejando conexiones SSL VPN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes SSL/TLS manipulados al servidor SSL VPN del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20403.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20403",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:08.193",
"lastModified": "2024-10-23T18:15:08.193",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20407.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20407",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:08.413",
"lastModified": "2024-10-23T18:15:08.413",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interacci\u00f3n entre la funci\u00f3n TCP Intercept y el motor de detecci\u00f3n Snort 3 en el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda las pol\u00edticas configuradas en un sistema afectado. Los dispositivos que est\u00e1n configurados con Snort 2 no se ven afectados por esta vulnerabilidad. Esta vulnerabilidad se debe a un error l\u00f3gico al manejar conexiones TCP embrionarias (semiabiertas). Un atacante podr\u00eda explotar esta vulnerabilidad enviando un patr\u00f3n de tr\u00e1fico manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el tr\u00e1fico no deseado ingrese a la red protegida por el dispositivo afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20408.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20408",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:08.697",
"lastModified": "2024-10-23T18:15:08.697",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device.\r\n\r This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de pol\u00edticas de acceso din\u00e1mico (DAP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado haga que un dispositivo afectado se recargue inesperadamente. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales de usuario de VPN de acceso remoto v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los datos en las solicitudes HTTPS POST. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTPS POST manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20409.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20409",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:08.970",
"lastModified": "2024-10-23T18:15:08.970",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20410.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20410",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:09.197",
"lastModified": "2024-10-23T18:15:09.197",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada dise\u00f1ada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20412.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20412",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:09.430",
"lastModified": "2024-10-23T18:15:09.430",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\r\n\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco Firepower Threat Defense (FTD) para Cisco Firepower 1000, 2100, 3100 y 4200 Series podr\u00eda permitir que un atacante local no autenticado acceda a un sistema afectado utilizando credenciales est\u00e1ticas. Esta vulnerabilidad se debe a la presencia de cuentas est\u00e1ticas con contrase\u00f1as codificadas en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la CLI de un dispositivo afectado con estas credenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder al sistema afectado y recuperar informaci\u00f3n confidencial, realizar acciones limitadas de resoluci\u00f3n de problemas, modificar algunas opciones de configuraci\u00f3n o hacer que el dispositivo no pueda iniciarse en el sistema operativo, lo que requiere una nueva imagen del dispositivo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20415.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20415",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:09.713",
"lastModified": "2024-10-23T18:15:09.713",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada dise\u00f1ada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20424.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20424",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:09.930",
"lastModified": "2024-10-23T18:15:09.930",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root.\r\n\r This vulnerability is due to insufficient input validation of certain HTTP requests. An attacker could exploit this vulnerability by authenticating to the web-based management interface of an affected device and then sending a crafted HTTP request to the device. A successful exploit could allow the attacker to execute arbitrary commands with root permissions on the underlying operating system of the Cisco FMC device or to execute commands on managed Cisco Firepower Threat Defense (FTD) devices. To exploit this vulnerability, the attacker would need valid credentials for a user account with at least the role of Security Analyst (Read Only)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema operativo subyacente como superusuario. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de ciertas solicitudes HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la interfaz de administraci\u00f3n basada en web de un dispositivo afectado y luego enviando una solicitud HTTP manipulada al dispositivo. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios con permisos superusuario en el sistema operativo subyacente del dispositivo Cisco FMC o ejecutar comandos en dispositivos Cisco Firepower Threat Defense (FTD) administrados. Para aprovechar esta vulnerabilidad, el atacante necesitar\u00eda credenciales v\u00e1lidas para una cuenta de usuario con al menos el rol de analista de seguridad (solo lectura)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20426.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20426",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:10.147",
"lastModified": "2024-10-23T18:15:10.147",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el protocolo de intercambio de claves de Internet versi\u00f3n 2 (IKEv2) para la terminaci\u00f3n de VPN del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico IKEv2 manipulado a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de DoS."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20431.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20431",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:10.440",
"lastModified": "2024-10-23T18:15:10.440",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.\r\n\r This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de control de acceso por geolocalizaci\u00f3n del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda una pol\u00edtica de control de acceso. Esta vulnerabilidad se debe a una asignaci\u00f3n incorrecta de datos de geolocalizaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir una pol\u00edtica de control de acceso basada en geolocalizaci\u00f3n y enviar tr\u00e1fico con \u00e9xito a un dispositivo protegido."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20471.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20471",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:10.773",
"lastModified": "2024-10-23T18:15:10.773",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\n\r This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n como administrador y enviando consultas SQL manipuladas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener datos no autorizados de la base de datos y realizar cambios en el sistema. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda privilegios de nivel de administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20472.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20472",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:11.007",
"lastModified": "2024-10-23T18:15:11.007",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n como administrador y enviando consultas SQL manipuladas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener datos no autorizados de la base de datos y realizar cambios en el sistema. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda privilegios de nivel de administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20473.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20473",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:11.280",
"lastModified": "2024-10-23T18:15:11.280",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n como administrador y enviando consultas SQL manipuladas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener datos no autorizados de la base de datos y realizar cambios en el sistema. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda privilegios de nivel de administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20474.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20474",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:11.517",
"lastModified": "2024-10-23T18:15:11.517",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.\r\n\r This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.\r\n\r Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de la versi\u00f3n 2 de Internet Key Exchange (IKEv2) de Cisco Secure Client Software podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) de Cisco Secure Client. Esta vulnerabilidad se debe a una condici\u00f3n de desbordamiento de enteros. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete IKEv2 manipulado a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar que Cisco Secure Client Software se bloquee, lo que provocar\u00eda una condici\u00f3n de DoS en el software cliente. Nota: Las versiones 4.10 y anteriores de Cisco Secure Client Software se conoc\u00edan como Cisco AnyConnect Secure Mobility Client."
}
],
"metrics": {

4
CVE-2024/CVE-2024-204xx/CVE-2024-20481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20481",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:11.737",
"lastModified": "2024-10-25T01:00:01.450",
"vulnStatus": "Received",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cisaExploitAdd": "2024-10-24",
"cisaActionDue": "2024-11-14",

Some files were not shown because too many files have changed in this diff Show More