nvd-json-data-feeds/CVE-2023/CVE-2023-294xx/CVE-2023-29485.json

{
  "id": "CVE-2023-29485",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-21T01:15:32.700",
  "lastModified": "2023-12-29T02:21:17.843",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes omitir el filtrado de red, ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00f3dulo de prevenci\u00f3n de amenazas DarkLayer Guard."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "3.5.3",
              "matchCriteriaId": "A77CAF90-FF93-4F80-9FF8-6318D80BA966"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "2.6.9",
              "matchCriteriaId": "AF6E8BE4-9359-4FFE-AAF5-91CEF7EF892F"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}