admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-388xx/CVE-2024-38819.json
cad-safe-bot 46d82ed44b Auto-Update: 2025-01-10T15:00:48.015580+00:00
2025-01-10 15:04:13 +00:00

64 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-38819",
"sourceIdentifier": "security@vmware.com",
"published": "2024-12-19T18:15:10.557",
"lastModified": "2025-01-10T13:15:09.287",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running."
},
{
"lang": "es",
"value": "Las aplicaciones que ofrecen recursos est\u00e1ticos a trav\u00e9s de los marcos web funcionales WebMvc.fn o WebFlux.fn son vulnerables a ataques de path traversal. Un atacante puede manipular solicitudes HTTP maliciosas y obtener cualquier archivo del sistema de archivos al que tambi\u00e9n pueda acceder el proceso en el que se ejecuta la aplicaci\u00f3n Spring."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@vmware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://spring.io/security/cve-2024-38819",
"source": "security@vmware.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250110-0010/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink