admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-130xx/CVE-2024-13040.json
cad-safe-bot 22fb3bea38 Auto-Update: 2025-01-05T03:00:19.815336+00:00
2025-01-05 03:03:46 +00:00

64 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-13040",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-12-31T02:15:06.303",
"lastModified": "2024-12-31T02:15:06.303",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation."
},
{
"lang": "es",
"value": "QOCA aim de Quanta Computer tiene una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n mediante clave controlada por el usuario. Al controlar el par\u00e1metro de identificaci\u00f3n del usuario, los atacantes remotos con privilegios normales podr\u00edan acceder a ciertas funciones como cualquier usuario, modificar la informaci\u00f3n y los privilegios de la cuenta de cualquier usuario, lo que provocar\u00eda una escalada de privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8337-7899f-2.html",
"source": "twcert@cert.org.tw"
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-8336-aa03b-1.html",
"source": "twcert@cert.org.tw"
}
]
}
Reference in New Issue View Git Blame Copy Permalink