admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-336xx/CVE-2024-33615.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

64 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-33615",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-05-15T20:15:12.687",
"lastModified": "2024-05-16T13:03:05.353",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specially crafted Zip file containing path traversal characters can be\n imported to the \nCyberPower PowerPanel \n\nserver, which allows file writing to the server outside\n the intended scope, and could allow an attacker to achieve remote code \nexecution."
},
{
"lang": "es",
"value": "Se puede importar al servidor CyberPower PowerPanel un archivo Zip especialmente manipulado que contiene caracteres de recorrido de ruta, lo que permite escribir archivos en el servidor fuera del alcance previsto y podr\u00eda permitir a un atacante lograr la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads",
"source": "ics-cert@hq.dhs.gov"
}
]
}
Reference in New Issue View Git Blame Copy Permalink