admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-105xx/CVE-2024-10524.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

72 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-10524",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-11-19T15:15:06.740",
"lastModified": "2024-11-21T08:48:42.313",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host."
},
{
"lang": "es",
"value": "Las aplicaciones que utilizan Wget para acceder a un recurso remoto mediante URL abreviadas y pasan credenciales de usuario arbitrarias en la URL son vulnerables. En estos casos, los atacantes pueden introducir credenciales creadas que har\u00e1n que Wget acceda a un host arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "reefs@jfrog.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778",
"source": "reefs@jfrog.com"
},
{
"url": "https://jfrog.com/blog/cve-2024-10524-wget-zero-day-vulnerability/",
"source": "reefs@jfrog.com"
},
{
"url": "https://seclists.org/oss-sec/2024/q4/107",
"source": "reefs@jfrog.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/18/6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink