CWE-274
Improper Handling of Insufficient Privileges
The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
CVE-2022-23511 (GCVE-0-2022-23511)
Vulnerability from cvelistv5 – Published: 2022-12-12 00:00 – Updated: 2025-04-23 16:28
VLAI
Summary
A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITY\SYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they're able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. Affected users must update the installed version of the CloudWatch Agent to address this issue.
Severity
7.1 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| aws | amazon-cloudwatch-agent |
Affected:
< 1.247355
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:52:39.825277Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:28:53.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "amazon-cloudwatch-agent",
"vendor": "aws",
"versions": [
{
"status": "affected",
"version": "\u003c 1.247355"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITY\\SYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they\u0027re able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. Affected users must update the installed version of the CloudWatch Agent to address this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274: Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939"
},
{
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52"
}
],
"source": {
"advisory": "GHSA-j8x2-2m5w-j939",
"discovery": "UNKNOWN"
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23511",
"datePublished": "2022-12-12T00:00:00.000Z",
"dateReserved": "2022-01-19T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:28:53.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25782 (GCVE-0-2022-25782)
Vulnerability from cvelistv5 – Published: 2022-05-04 13:54 – Updated: 2024-08-03 04:49
VLAI
Title
Insufficient privilege checks on object access and updates.
Summary
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7.
Severity
5.4 (Medium)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.secomea.com/support/cybersecurity-advisory/ | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Secomea | GateManager |
Affected:
unspecified , < 9.7
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:43.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "GateManager",
"vendor": "Secomea",
"versions": [
{
"lessThan": "9.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T13:54:16.000Z",
"orgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"shortName": "Secomea"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
],
"source": {
"defect": [
"RD-5335"
],
"discovery": "INTERNAL"
},
"title": "Insufficient privilege checks on object access and updates.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "VulnerabilityReporting@secomea.com",
"ID": "CVE-2022-25782",
"STATE": "PUBLIC",
"TITLE": "Insufficient privilege checks on object access and updates."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GateManager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.7"
}
]
}
}
]
},
"vendor_name": "Secomea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.secomea.com/support/cybersecurity-advisory/",
"refsource": "MISC",
"url": "https://www.secomea.com/support/cybersecurity-advisory/"
}
]
},
"source": {
"defect": [
"RD-5335"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90",
"assignerShortName": "Secomea",
"cveId": "CVE-2022-25782",
"datePublished": "2022-05-04T13:54:16.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:49:43.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-45101 (GCVE-0-2022-45101)
Vulnerability from cvelistv5 – Published: 2023-02-01 04:41 – Updated: 2025-03-26 20:22
VLAI
Summary
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution.
Severity
7.3 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale OneFS |
Affected:
9.0.0.x , ≤ 9.4.0.x
(custom)
|
Date Public
2022-12-13 17:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:01:31.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000206357/dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-45101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-26T20:22:27.225918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:22:33.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "9.4.0.x",
"status": "affected",
"version": "9.0.0.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cdiv\u003eDell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution.\u003c/div\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nDell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution.\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274: Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T04:41:10.012Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000206357/dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2022-45101",
"datePublished": "2023-02-01T04:41:10.012Z",
"dateReserved": "2022-11-09T15:48:33.040Z",
"dateUpdated": "2025-03-26T20:22:33.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20516 (GCVE-0-2023-20516)
Vulnerability from cvelistv5 – Published: 2025-09-06 16:13 – Updated: 2025-09-08 13:42
VLAI
Summary
Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
Severity
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD Instinct™ MI250 |
Unaffected:
ROCm 6.3
|
|
| AMD | AMD Instinct™ MI210 |
Unaffected:
ROCm 6.3
|
|
| AMD | AMD Radeon™ Instinct™ MI25 Graphics Products |
Unaffected:
Contact your AMD Customer Engineering representative
|
|
| AMD | AMD Radeon™ PRO V520 Graphics Products |
Unaffected:
Contact your AMD Customer Engineering representative
|
|
| AMD | AMD Radeon™ PRO V620 Graphics Products |
Unaffected:
Contact your AMD Customer Engineering representative
|
Date Public
2025-09-06 15:52
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T13:42:18.893121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T13:42:33.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI250",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.3"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI210",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.3"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 Instinct\u2122 MI25 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V520 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V620 Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
}
],
"datePublic": "2025-09-06T15:52:34.355Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.\u003cbr\u003e"
}
],
"value": "Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-06T16:13:36.336Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2023-20516",
"datePublished": "2025-09-06T16:13:36.336Z",
"dateReserved": "2022-10-27T18:53:39.736Z",
"dateUpdated": "2025-09-08T13:42:33.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32494 (GCVE-0-2023-32494)
Vulnerability from cvelistv5 – Published: 2023-08-16 12:56 – Updated: 2024-10-08 19:13
VLAI
Summary
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.
Severity
6.7 (Medium)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00021671… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale OneFS |
Affected:
Version 9.2.1.0 through 9.2.1.22 , Version 9.4.0.0 through 9.4.0.13, Version 9.5.0.0 through 9.5.0.3
|
Date Public
2023-08-14 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:13:16.998994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:13:26.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Version 9.2.1.0 through 9.2.1.22 , Version 9.4.0.0 through 9.4.0.13, Version 9.5.0.0 through 9.5.0.3"
}
]
}
],
"datePublic": "2023-08-14T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274: Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-16T12:56:09.726Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32494",
"datePublished": "2023-08-16T12:56:09.726Z",
"dateReserved": "2023-05-09T06:11:48.749Z",
"dateUpdated": "2024-10-08T19:13:26.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35928 (GCVE-0-2023-35928)
Vulnerability from cvelistv5 – Published: 2023-06-23 20:58 – Updated: 2024-12-05 16:18
VLAI
Title
Nextcloud user scoped external storage can be used to gather credentials of other users
Summary
Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, a user could use this functionality to get access to the login credentials of another user and take over their account. This issue has been patched in Nextcloud Server versions 25.0.7 and 26.0.2 and NextCloud Enterprise Server versions 19.0.13.9, 20.0.14.14, 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2.
Three workarounds are available. Disable app files_external. Change config setting "Allow users to mount external storage" to disabled in "Administration" > "External storage" settings `…/index.php/settings/admin/externalstorages`. Change config setting to disallow users to create external storages in "Administration" > "External storage" settings `…/index.php/settings/admin/externalstorages` with the types FTP, Nextcloud, SFTP, and/or WebDAV.
Severity
8.5 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/server/pull/38265 | x_refsource_MISC |
| https://hackerone.com/reports/1978882 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
Nextcloud Enterprise Server >= 19.0.0, < 19.0.13.9
Affected: Nextcloud Enterprise Server >= 20.0.0.0, < 20.0.14.14 Affected: Nextcloud Enterprise Server >= 21.0.0.0, < 21.0.9.12 Affected: Nextcloud Enterprise Server >= 22.0.0.0, < 22.2.10.12 Affected: Nextcloud Enterprise Server >= 23.0.0.0, < 23.0.12.7 Affected: Nextcloud Enterprise Server >= 24.0.0.0, < 24.0.12.2 Affected: Nextcloud Enterprise Server >= 25.0.0, < 25.0.7 Affected: Nextcloud Enterprise Server >= 26.0.0, < 26.0.2 Affected: Nextcloud Server >= 25.0.0, < 25.0.7 Affected: Nextcloud Server >= 26.0.0, < 26.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:37:40.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h"
},
{
"name": "https://github.com/nextcloud/server/pull/38265",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/server/pull/38265"
},
{
"name": "https://hackerone.com/reports/1978882",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1978882"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35928",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T16:18:00.553586Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T16:18:09.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 19.0.0, \u003c 19.0.13.9"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 20.0.0.0, \u003c 20.0.14.14"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 21.0.0.0, \u003c 21.0.9.12"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 22.0.0.0, \u003c 22.2.10.12"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 23.0.0.0, \u003c 23.0.12.7"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 24.0.0.0, \u003c 24.0.12.2"
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 25.0.0, \u003c 25.0.7 "
},
{
"status": "affected",
"version": "Nextcloud Enterprise Server \u003e= 26.0.0, \u003c 26.0.2"
},
{
"status": "affected",
"version": "Nextcloud Server \u003e= 25.0.0, \u003c 25.0.7"
},
{
"status": "affected",
"version": "Nextcloud Server \u003e= 26.0.0, \u003c 26.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, a user could use this functionality to get access to the login credentials of another user and take over their account. This issue has been patched in Nextcloud Server versions 25.0.7 and 26.0.2 and NextCloud Enterprise Server versions 19.0.13.9, 20.0.14.14, 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2.\n\nThree workarounds are available. Disable app files_external. Change config setting \"Allow users to mount external storage\" to disabled in \"Administration\" \u003e \"External storage\" settings `\u2026/index.php/settings/admin/externalstorages`. Change config setting to disallow users to create external storages in \"Administration\" \u003e \"External storage\" settings `\u2026/index.php/settings/admin/externalstorages` with the types FTP, Nextcloud, SFTP, and/or WebDAV."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274: Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T20:58:33.225Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h"
},
{
"name": "https://github.com/nextcloud/server/pull/38265",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/server/pull/38265"
},
{
"name": "https://hackerone.com/reports/1978882",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1978882"
}
],
"source": {
"advisory": "GHSA-637g-xp2c-qh5h",
"discovery": "UNKNOWN"
},
"title": "Nextcloud user scoped external storage can be used to gather credentials of other users"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-35928",
"datePublished": "2023-06-23T20:58:33.225Z",
"dateReserved": "2023-06-20T14:02:45.593Z",
"dateUpdated": "2024-12-05T16:18:09.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39375 (GCVE-0-2023-39375)
Vulnerability from cvelistv5 – Published: 2023-09-26 09:15 – Updated: 2024-09-24 13:24
VLAI
Title
SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges
Summary
SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges
Severity
7.5 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SiberianCMS | SiberianCMS |
Affected:
versions 4.*, 5.* , ≤ upgrade to version 4.20.44 or 5.0.4
(custom)
|
Date Public
2023-09-26 09:07
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T13:23:48.938097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T13:24:36.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SiberianCMS",
"vendor": "SiberianCMS",
"versions": [
{
"lessThanOrEqual": "upgrade to version 4.20.44 or 5.0.4",
"status": "affected",
"version": "versions 4.*, 5.*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Eddie Zaltsman (Ultra-Red), Yotam Zaltsman (Sling)"
}
],
"datePublic": "2023-09-26T09:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSiberianCMS - CWE-274: Improper Handling of Insufficient Privileges\u003c/span\u003e\n\n"
}
],
"value": "\nSiberianCMS - CWE-274: Improper Handling of Insufficient Privileges\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-26T09:15:01.807Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eupgrade to version 4.20.44 or 5.0.4\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nupgrade to version 4.20.44 or 5.0.4\n\n\n"
}
],
"source": {
"advisory": "ILVN-2023-0132",
"discovery": "UNKNOWN"
},
"title": "SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2023-39375",
"datePublished": "2023-09-26T09:15:01.807Z",
"dateReserved": "2023-07-30T10:41:13.579Z",
"dateUpdated": "2024-09-24T13:24:36.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0105 (GCVE-0-2024-0105)
Vulnerability from cvelistv5 – Published: 2024-11-01 05:36 – Updated: 2024-11-01 14:17
VLAI
Summary
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
Severity
8.9 (High)
CWE
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | ConnectX4 |
Affected:
All versions prior to 12.28.2302
|
|
| NVIDIA | ConnectX4 LX |
Affected:
All versions prior to xx.32.1900
|
|
| NVIDIA | ConnectX GA |
Affected:
All versions prior to xx.41.1000
|
|
| NVIDIA | ConnectX LTS22 |
Affected:
All versions prior to xx.35.4030
|
|
| NVIDIA | ConnectX LTS23 |
Affected:
All versions prior to xx.39.3560
|
|
| NVIDIA | BlueField 1 |
Affected:
All versions prior to 18.31.1014
|
|
| NVIDIA | BlueField GA |
Affected:
All versions prior to xx.41.1000
|
|
| NVIDIA | BlueField LTS22 |
Affected:
All versions prior to xx.35.4030
|
|
| NVIDIA | BlueField LTS23 |
Affected:
All versions prior to xx.39.3560
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T14:16:56.978053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:17:06.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ConnectX4",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 12.28.2302"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ConnectX4 LX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.32.1900"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ConnectX 6",
"ConnectX 6 DX",
"ConnectX 6 LX",
"ConnectX 7"
],
"product": "ConnectX GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.41.1000"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ConnectX 5",
"ConnectX 6",
"ConnectX 6 DX",
"ConnectX 6 LX",
"ConnectX 7"
],
"product": "ConnectX LTS22",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.35.4030"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ConnectX 6",
"ConnectX 6 DX",
"ConnectX 6 LX",
"ConnectX 7"
],
"product": "ConnectX LTS23",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.39.3560"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 18.31.1014"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2",
"BlueField 3"
],
"product": "BlueField GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.41.1000"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2"
],
"product": "BlueField LTS22",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.35.4030"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2",
"BlueField 3"
],
"product": "BlueField LTS23",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.39.3560"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.\u003c/span\u003e"
}
],
"value": "NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, data tampering, and limited information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T05:36:06.601Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5562"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0105",
"datePublished": "2024-11-01T05:36:06.601Z",
"dateReserved": "2023-12-02T00:42:15.099Z",
"dateUpdated": "2024-11-01T14:17:06.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0106 (GCVE-0-2024-0106)
Vulnerability from cvelistv5 – Published: 2024-11-01 05:53 – Updated: 2024-11-01 14:14
VLAI
Summary
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
Severity
8.7 (High)
CWE
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | BlueField 1 |
Affected:
All versions prior to 18.31.1014
|
|
| NVIDIA | BlueField GA |
Affected:
All versions prior to xx.41.1000
|
|
| NVIDIA | BlueField LTS22 |
Affected:
All versions prior to xx.35.4030
|
|
| NVIDIA | BlueField LTS23 |
Affected:
All versions prior to xx.39.3560
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T14:02:24.208333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:14:53.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BlueField 1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 18.31.1014"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2",
"BlueField 3"
],
"product": "BlueField GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.41.1000"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2"
],
"product": "BlueField LTS22",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.35.4030"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"BlueField 2",
"BlueField 3"
],
"product": "BlueField LTS23",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to xx.39.3560"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering, denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T05:53:31.345Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5562"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0106",
"datePublished": "2024-11-01T05:53:31.345Z",
"dateReserved": "2023-12-02T00:42:16.005Z",
"dateUpdated": "2024-11-01T14:14:53.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12666 (GCVE-0-2024-12666)
Vulnerability from cvelistv5 – Published: 2024-12-16 20:00 – Updated: 2024-12-17 14:29
VLAI
Title
ClassCMS User Management Page admin insufficient privileges
Summary
A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component User Management Page. The manipulation leads to improper handling of insufficient privileges. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
4.7 (Medium)
4.7 (Medium)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.288535 | vdb-entry |
| https://vuldb.com/?ctiid.288535 | signaturepermissions-required |
| https://vuldb.com/?submit.461120 | third-party-advisory |
| https://github.com/Jack-Black-13/blob/blob/main/C… | exploit |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12666",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T14:29:26.735276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T14:29:37.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"User Management Page"
],
"product": "ClassCMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.7"
},
{
"status": "affected",
"version": "4.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vulbox (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component User Management Page. The manipulation leads to improper handling of insufficient privileges. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In ClassCMS bis 4.8 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /admin?do=admin:user:editPost der Komponente User Management Page. Mittels dem Manipulieren mit unbekannten Daten kann eine improper handling of insufficient privileges-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T20:00:12.804Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-288535 | ClassCMS User Management Page admin insufficient privileges",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.288535"
},
{
"name": "VDB-288535 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.288535"
},
{
"name": "Submit #461120 | ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.461120"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-16T09:58:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "ClassCMS User Management Page admin insufficient privileges"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12666",
"datePublished": "2024-12-16T20:00:12.804Z",
"dateReserved": "2024-12-16T08:53:03.678Z",
"dateUpdated": "2024-12-17T14:29:37.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.