mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
333 lines
11 KiB
JSON
333 lines
11 KiB
JSON
{
|
|
"id": "CVE-2024-1062",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2024-02-12T13:15:09.210",
|
|
"lastModified": "2024-10-10T14:22:28.617",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se encontr\u00f3 una falla de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en 389-ds-base. Este problema provoca una denegaci\u00f3n de servicio al escribir un valor superior a 256 caracteres en log_entry_attr."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "secalert@redhat.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 5.5,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 3.6
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "secalert@redhat.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-122"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "2.2.0",
|
|
"matchCriteriaId": "555F8661-DCE6-441E-9251-CD8D8E8734F6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:directory_server:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0BCE19AC-8DA8-4574-B122-CF1FFB20875D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:directory_server:11.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9684A709-4D17-4AEB-BB13-9DC3B75EF902"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:directory_server:11.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9BF83982-31CF-4692-9055-BB65B59AFA08"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:41:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2D4E93B-C80E-4F15-9177-8B31016381C0"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3DAF61A-58A9-41A6-A4DC-64148055B0C1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3EFBEEE7-8BC5-4F4E-8EFA-42A6743152BB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "83981111-E13A-4A88-80FD-F63D7CCAA47F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "78825319-8A45-4880-B7C4-2B223029DDD3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C415CABF-E1C4-4E95-9424-AEEEAFF1CAE7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "83364F5C-57F4-4D57-B54F-540CAC1D7753"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A49ABD84-6755-4894-AD4E-49AAD39933C2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71DDE212-1018-4554-9C06-4908442DE134"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "12A809B2-2771-4780-9E0D-6A7B4A534CFB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE4AEBCB-B1E6-4A6A-9E8C-DDC5A003BCB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FB096D5D-E8F6-4164-8B76-0217B7151D30"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "01ED4F33-EBE7-4C04-8312-3DA580EFFB68"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:1074",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:1372",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:3047",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:4209",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:4633",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:5690",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2024:7458",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/security/cve/CVE-2024-1062",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |