admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-486xx/CVE-2024-48646.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-48646",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.640",
"lastModified": "2024-11-01T12:57:03.417",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the server, leading to further system compromise."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de carga de archivos sin restricciones en Sage 1000 v7.0.0 que permite a los usuarios autorizados cargar archivos sin la validaci\u00f3n adecuada. Un atacante podr\u00eda aprovechar esta vulnerabilidad cargando archivos maliciosos, como HTML, scripts u otro contenido ejecutable, que se pueden ejecutar en el servidor, lo que provocar\u00eda un mayor riesgo para el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/hx381/Sage-1000-v7.0.0-Exploit/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink