nvd-json-data-feeds/CVE-2024/CVE-2024-362xx/CVE-2024-36248.json

{
  "id": "CVE-2024-36248",
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "published": "2024-11-26T08:15:06.430",
  "lastModified": "2025-01-27T18:15:39.113",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "API keys for some cloud services are hardcoded in the \"main\" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
    },
    {
      "lang": "es",
      "value": "Las claves API de algunos servicios en la nube est\u00e1n codificadas en el binario \"principal\". Para conocer los detalles de los nombres de los productos afectados, los n\u00fameros de modelo y las versiones, consulte la informaci\u00f3n proporcionada por los respectivos proveedores que se incluye en [Referencias]."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "vultures@jpcert.or.jp",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2
      },
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "vultures@jpcert.or.jp",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ]
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://global.sharp/products/copier/info/info_security_2024-05.html",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://jp.sharp/business/print/information/info_security_2024-05.html",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://jvn.jp/en/vu/JVNVU93051062/",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://www.toshibatec.co.jp/information/20240531_02.html",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://www.toshibatec.com/information/20240531_02.html",
      "source": "vultures@jpcert.or.jp"
    }
  ]
}