admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-420xx/CVE-2024-42017.json
cad-safe-bot 4baf5a3079 Auto-Update: 2024-10-04T14:00:27.718839+00:00
2024-10-04 14:03:27 +00:00

52 lines
2.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-42017",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-30T18:15:05.827",
"lastModified": "2024-10-04T13:51:25.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint hosting the application, without any authentication."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Atos Eviden iCare 2.7.1 a 2.7.11. La aplicaci\u00f3n expone una interfaz web localmente. En el peor de los casos, si la aplicaci\u00f3n es accesible de forma remota, permite que un atacante ejecute comandos arbitrarios con privilegios del sistema en el endpoint que aloja la aplicaci\u00f3n, sin ninguna autenticaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://eviden.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.bull.com/ols/product/security/psirt/security-bulletins/multiple-critical-vulnerabilities-in-icare-psirt-625-tlp-clear-version-0-7-cve-2024-42017/view",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink