mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-31 02:31:22 +00:00
319 lines
8.7 KiB
JSON
319 lines
8.7 KiB
JSON
{
|
|
"id": "CVE-2024-9579",
|
|
"sourceIdentifier": "hp-security-alert@hp.com",
|
|
"published": "2024-11-05T17:15:07.667",
|
|
"lastModified": "2024-11-08T18:08:02.683",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": " Se descubri\u00f3 una vulnerabilidad potencial en ciertos dispositivos de videoconferencia de Poly. El fallo del firmware no desinfecta adecuadamente la entrada del usuario. La explotaci\u00f3n de esta vulnerabilidad depende de un ataque en capas y no puede explotarse por s\u00ed sola."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.6,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "hp-security-alert@hp.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.6,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-77"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "hp-security-alert@hp.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-77"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_tc8_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "6.3.2",
|
|
"matchCriteriaId": "6DCF1C57-F138-4118-BAA6-7286BA78F8DC"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_tc8:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F053C475-D941-4D4B-B433-8D67CD9A2C71"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_tc10_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "6.3.2",
|
|
"matchCriteriaId": "BC9FC9F3-5FB5-4E3B-9AF3-72BF90FAC13F"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_tc10:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5E9083C3-3142-494C-827C-56576ADFCA93"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_g7500_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.3.2",
|
|
"matchCriteriaId": "FCE079BE-F301-4CB3-AEF4-7A1F8BF52F0E"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_g7500:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C0B27E0D-4C00-42F8-8772-1C0B1D0F64FC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_x30_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "4.3.2",
|
|
"matchCriteriaId": "78D5810F-7044-4A7C-81E8-BF05F2163B5A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_x30:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "58648CB8-9564-4EAB-8049-65B048EF8000"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_x50_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.3.2",
|
|
"matchCriteriaId": "242A2E5D-D761-458E-BA4A-53F8DFF3B0A7"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_x50:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1424706A-4E51-4513-B962-59E9ABDD71E7"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_x70_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.3.2",
|
|
"matchCriteriaId": "520E74F3-26F8-408C-93AD-516373EACDF1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_x70:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A94CC22-4C6E-4415-9AB3-E0A3EC7BD672"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_x52_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.3.2",
|
|
"matchCriteriaId": "383C1531-70D5-4BB2-AB8D-49D92E661739"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_x52:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06C69912-7DB0-4510-884B-3FFF7AC6B1FB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hp:poly_studio_g62_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.3.2",
|
|
"matchCriteriaId": "5315BF05-1706-4A5B-9A9D-104AEDDC2C5C"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hp:poly_studio_g62:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FF7F293C-3F38-40DB-B909-F6E0C32219E0"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.hp.com/us-en/document/ish_11536495-11536533-16/hpsbpy03900",
|
|
"source": "hp-security-alert@hp.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |