nvd-json-data-feeds/CVE-2024/CVE-2024-546xx/CVE-2024-54681.json

{
  "id": "CVE-2024-54681",
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "published": "2025-01-17T17:15:12.227",
  "lastModified": "2025-01-17T17:15:12.227",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple bash files were present in the application's private directory.\n Bash files can be used on their own, by an attacker that has already \nfull access to the mobile platform to compromise the translations for \nthe application."
    },
    {
      "lang": "es",
      "value": "Hab\u00eda varios archivos bash en el directorio privado de la aplicaci\u00f3n. Un atacante que ya tiene acceso total a la plataforma m\u00f3vil puede utilizar los archivos bash por s\u00ed solos para comprometer las traducciones de la aplicaci\u00f3n."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 2.0,
          "baseSeverity": "LOW",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "privilegesRequired": "LOW",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
          "baseScore": 3.5,
          "baseSeverity": "LOW",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-354-01",
      "source": "ics-cert@hq.dhs.gov"
    }
  ]
}