admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-522xx/CVE-2024-52270.json
cad-safe-bot 627729c313 Auto-Update: 2025-03-02T03:00:19.570958+00:00
2025-03-02 03:03:52 +00:00

109 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-52270",
"sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"published": "2024-12-05T11:15:06.837",
"lastModified": "2024-12-05T13:15:09.133",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing.\nDisplayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.\nThis issue affects DropBox Sign(HelloSign): through 2024-12-04."
},
{
"lang": "es",
"value": "La vulnerabilidad de representaci\u00f3n err\u00f3nea de informaci\u00f3n cr\u00edtica en la interfaz de usuario (IU) en DropBox Sign (HelloSign) permite la suplantaci\u00f3n de contenido. La versi\u00f3n mostrada no muestra la versi\u00f3n aplanada de la capa, una vez descargada. Si se imprime (por ejemplo, a trav\u00e9s de Google Chrome -> Examinar la vista previa de impresi\u00f3n): solo se mostrar\u00e1 la vulnerabilidad, no se aplanar\u00e1n todas las capas. Este problema afecta a DropBox Sign (HelloSign): hasta el 4 de diciembre de 2024."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
}
],
"references": [
{
"url": "https://app.hellosign.com/",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://drive.proton.me/urls/Z6DHXNRZQC#jkfO38rjOiOj",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://new.space/s/ZuHoujvkjdzfY7Uihah7Yg#SKWLU_g2Cihfj4qsq9XNy6F4saxVAzD876PujiDOYfs",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://sign.dropbox.com/",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://www.loom.com/share/48f63594e14c49e19840ad9cb7d60453?sid=816c6afa-0b67-4b0b-98ff-d5c58d464038",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://www.vulsec.org/advisories",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
}
]
}
Reference in New Issue View Git Blame Copy Permalink