admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-94xx/CVE-2024-9447.json
cad-safe-bot 45c9d5d76c Auto-Update: 2025-03-23T03:00:20.104511+00:00
2025-03-23 03:03:54 +00:00

60 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-9447",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:49.200",
"lastModified": "2025-03-20T10:15:49.200",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. The `/get/organisation/` endpoint does not verify the user's organization, allowing any authenticated user to retrieve sensitive configuration details, including API keys, of any organization. This could lead to unauthorized access to services and significant data breaches or financial loss."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la \u00faltima versi\u00f3n de transformeroptimus/superagi. El endpoint `/get/organization/` no verifica la organizaci\u00f3n del usuario, lo que permite que cualquier usuario autenticado obtenga informaci\u00f3n confidencial de configuraci\u00f3n, incluidas las claves API, de cualquier organizaci\u00f3n. Esto podr\u00eda provocar acceso no autorizado a los servicios y graves filtraciones de datos o p\u00e9rdidas financieras."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1230"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/c952ea32-3047-42d3-8a3e-e67899e35dfd",
"source": "security@huntr.dev"
}
]
}
Reference in New Issue View Git Blame Copy Permalink