2024-10-15 14:03:18 +00:00


{
"id": "CVE-2024-9312",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-10-10T14:15:05.863",
"lastModified": "2024-10-15T12:58:51.050",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges."
},
{
"lang": "es",
"value": "Authd, hasta la versi\u00f3n 0.3.6, no aleatorizaba lo suficiente los identificadores de usuario para evitar colisiones. Un atacante local que pudiera registrar nombres de usuario podr\u00eda falsificar el identificador de otro usuario y obtener sus privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-286"
}
]
}
],
"references": [
{
"url": "https://github.com/ubuntu/authd/security/advisories/GHSA-4gfw-wf7c-w6g2",
"source": "security@ubuntu.com"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9312",
"source": "security@ubuntu.com"
}
]
}