2024-07-01 14:05:25 +00:00


{
"id": "CVE-2024-3123",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-01T05:15:04.973",
"lastModified": "2024-07-01T12:37:24.220",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The upload function on a hidden page of CHANGING Mobile One Time Password does not properly filter file types. Remote attackers with administrator privilege can exploit this vulnerability to upload and run a malicious file to execute system commands."
},
{
"lang": "es",
"value": "La funci\u00f3n de carga de CHANGING Mobile One Time Password en una p\u00e1gina oculta no filtra el tipo de archivo correctamente. Los atacantes remotos con privilegios de administrador pueden aprovechar esta vulnerabilidad para cargar y ejecutar archivos maliciosos para ejecutar comandos del sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-7914-33fbb-2.html",
"source": "twcert@cert.org.tw"
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7913-6528e-1.html",
"source": "twcert@cert.org.tw"
}
]
}