mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
60 lines
2.0 KiB
JSON
60 lines
2.0 KiB
JSON
{
|
|
"id": "CVE-2024-54008",
|
|
"sourceIdentifier": "security-alert@hpe.com",
|
|
"published": "2024-12-10T19:15:30.900",
|
|
"lastModified": "2024-12-11T14:15:19.713",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) autenticada en la CLI de AirWave. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir que un actor de amenazas autenticado de forma remota ejecute comandos arbitrarios como un usuario privilegiado en el host subyacente."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "security-alert@hpe.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 7.2,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.2,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-78"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04765en_us&docLocale=en_US",
|
|
"source": "security-alert@hpe.com"
|
|
}
|
|
]
|
|
} |