admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-474xx/CVE-2024-47484.json
cad-safe-bot f5c9d355a3 Auto-Update: 2025-02-04T17:00:32.909910+00:00
2025-02-04 17:03:59 +00:00

142 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-47484",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-12-10T11:15:07.400",
"lastModified": "2025-02-04T16:11:14.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution."
},
{
"lang": "es",
"value": "Dell Avamar, versi\u00f3n 19.9, contiene una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL (\"inyecci\u00f3n SQL\"). Un atacante no autenticado con acceso remoto podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la ejecuci\u00f3n del comando."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A19DD36F-1EE9-4FBF-9968-DF270C5FD1C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C50D2C-B787-4366-AAED-057F9439A6A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.8:*:*:*:*:*:*:*",
"matchCriteriaId": "41028ABC-C574-42AE-897B-E1C65CD0D0BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1D9257-AA6C-4D68-B209-E72128A017D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.10:-:*:*:*:*:*:*",
"matchCriteriaId": "7ADB97BD-3E80-439D-950C-93EF391DDA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:avamar_server:19.10:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D0075FDA-26E4-4687-9D94-21283E2B5028"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:avamar_data_store:gen4t:*:*:*:*:*:*:*",
"matchCriteriaId": "7B67D705-545D-44A2-BA4B-6E5108FB06CD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:avamar_data_store:gen5a:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFA5C46-9E8C-4EF9-A1F1-133ABB34C6B6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000258636/dsa-2024-489-security-update-for-dell-avamar-and-dell-avamar-virtual-edition-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink