admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-22xx/CVE-2024-2291.json
cad-safe-bot 4deb66f850 Auto-Update: 2024-10-06T02:00:16.927213+00:00
2024-10-06 02:03:15 +00:00

64 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-2291",
"sourceIdentifier": "security@progress.com",
"published": "2024-03-20T15:15:08.010",
"lastModified": "2024-03-20T17:18:21.343",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nIn Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered.\u00a0 An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de omisi\u00f3n de registro en las versiones de MOVEit Transfer publicadas antes de 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4). Un usuario autenticado podr\u00eda manipular una solicitud para omitir el mecanismo de registro dentro de la aplicaci\u00f3n web, lo que da como resultado que la actividad del usuario no se registre correctamente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@progress.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@progress.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-778"
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-March-2024",
"source": "security@progress.com"
},
{
"url": "https://www.progress.com/moveit",
"source": "security@progress.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink