CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
CVE-2023-4588 (GCVE-0-2023-4588)
Vulnerability from cvelistv5 – Published: 2023-09-06 11:43 – Updated: 2024-09-06 14:12
VLAI
Title
File accessibility vulnerability in Delinea Secret Server
Summary
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text.
Severity
6.8 (Medium)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
v10.9.000002
Affected: v11.4.000002 |
Date Public
2023-09-06 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T14:07:06.809136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:12:59.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "v10.9.000002"
},
{
"status": "affected",
"version": "v11.4.000002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "H\u00e9ctor de Armas Padr\u00f3n (@3v4SI0N)"
}
],
"datePublic": "2023-09-06T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"impacts": [
{
"capecId": "CAPEC-150",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-150 Collect Data from Common Resource Locations"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T11:43:19.278Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "File accessibility vulnerability in Delinea Secret Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4588",
"datePublished": "2023-09-06T11:43:19.278Z",
"dateReserved": "2023-08-29T07:44:07.813Z",
"dateUpdated": "2024-09-06T14:12:59.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4743 (GCVE-0-2023-4743)
Vulnerability from cvelistv5 – Published: 2023-09-03 23:00 – Updated: 2024-11-21 14:49
VLAI
Title
Dreamer CMS file access
Summary
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-552 - Files or Directories Accessible
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.238632 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.238632 | signaturepermissions-required |
| https://github.com/FFR66/Dreamer-CMS_Unauthorized… | broken-linkexploit |
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.238632"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.238632"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/FFR66/Dreamer-CMS_Unauthorized-access-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-13T16:24:07.660144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:49:14.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CMS",
"vendor": "Dreamer",
"versions": [
{
"status": "affected",
"version": "4.1.0"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "4.1.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fkalis (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Dreamer CMS bis 4.1.3 ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Datei /upload/ueditorConfig?action=config. Durch das Beeinflussen mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T07:41:21.937Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.238632"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.238632"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/FFR66/Dreamer-CMS_Unauthorized-access-vulnerability"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-03T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-09-29T19:53:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "Dreamer CMS file access"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-4743",
"datePublished": "2023-09-03T23:00:06.540Z",
"dateReserved": "2023-09-03T06:35:39.468Z",
"dateUpdated": "2024-11-21T14:49:14.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47612 (GCVE-0-2023-47612)
Vulnerability from cvelistv5 – Published: 2023-11-09 12:07 – Updated: 2024-09-04 13:47
VLAI
Summary
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.
Severity
6.8 (Medium)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/2023/11… | third-party-advisory |
Impacted products
10 products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "KLCERT-22-194: Telit Cinterion (Thales/Gemalto) modules. Files or Directories Accessible to External Parties vulnerability",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:telit_cinterion:bgs5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bgs5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "bgs5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs6:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs6",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs6"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs8",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs8"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds6:pds6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds6",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds6"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds8",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds8"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:els61:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "els61",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "els61"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:els81:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "els81",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "els81"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pls62:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pls62",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pls62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T13:32:02.787633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T13:47:01.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "BGS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS6",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS8",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS6",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS8",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "ELS61",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "ELS81",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PLS62",
"vendor": "Telit Cinterion"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexander Kozlov from Kaspersky"
},
{
"lang": "en",
"type": "finder",
"value": "Sergey Anufrienko from Kaspersky"
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-09T17:12:52.926Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"name": "KLCERT-22-194: Telit Cinterion (Thales/Gemalto) modules. Files or Directories Accessible to External Parties vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-02-21T12:45:00.000Z",
"value": "Issue discovered by Kaspersky ICS CERT"
},
{
"lang": "en",
"time": "2023-04-27T15:56:00.000Z",
"value": "Confirmed by Telit Cinterion"
}
],
"workarounds": [
{
"lang": "en",
"value": "Control physical access to the device at all stages of transportation to protect against the embedding of backdoors."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2023-47612",
"datePublished": "2023-11-09T12:07:54.815Z",
"dateReserved": "2023-11-07T10:06:48.689Z",
"dateUpdated": "2024-09-04T13:47:01.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48661 (GCVE-0-2023-48661)
Vulnerability from cvelistv5 – Published: 2023-12-14 15:55 – Updated: 2024-08-02 21:37
VLAI
Summary
Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.
Severity
4.9 (Medium)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022042… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | vApp Manager |
Affected:
Versions prior to 9.2.4.x
|
Date Public
2023-12-13 06:30
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vApp Manager",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 9.2.4.x "
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dell Technologies would like to thank 33a6099 for reporting these issues. "
}
],
"datePublic": "2023-12-13T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.\u003c/span\u003e\n\n"
}
],
"value": "\nDell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T15:55:26.488Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-48661",
"datePublished": "2023-12-14T15:55:26.488Z",
"dateReserved": "2023-11-17T06:14:57.041Z",
"dateUpdated": "2024-08-02T21:37:54.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48710 (GCVE-0-2023-48710)
Vulnerability from cvelistv5 – Published: 2024-04-15 17:47 – Updated: 2024-08-02 21:37
VLAI
Title
iTop limit pages/exec.php script to PHP files
Summary
iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module.
The `pages/exec.php` script as been fixed to limit execution of PHP files only. Other file types won't be retrieved and exposed. The vulnerability is fixed in 2.7.10, 3.0.4, 3.1.1, and 3.2.0.
Severity
9.8 (Critical)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/Combodo/iTop/security/advisori… | x_refsource_CONFIRM |
| https://github.com/Combodo/iTop/commit/3b2da39469… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itop",
"vendor": "combodo",
"versions": [
{
"lessThan": "2.7.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.0.4",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:03:48.293598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T19:06:04.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc"
},
{
"name": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iTop",
"vendor": "Combodo",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.10"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.0, \u003c 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module. \n The `pages/exec.php` script as been fixed to limit execution of PHP files only. Other file types won\u0027t be retrieved and exposed. The vulnerability is fixed in 2.7.10, 3.0.4, 3.1.1, and 3.2.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T17:47:51.113Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc"
},
{
"name": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26"
}
],
"source": {
"advisory": "GHSA-g652-q7cc-7hfc",
"discovery": "UNKNOWN"
},
"title": "iTop limit pages/exec.php script to PHP files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48710",
"datePublished": "2024-04-15T17:47:51.113Z",
"dateReserved": "2023-11-17T19:43:37.555Z",
"dateUpdated": "2024-08-02T21:37:54.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49198 (GCVE-0-2023-49198)
Vulnerability from cvelistv5 – Published: 2024-08-21 09:37 – Updated: 2024-08-23 13:04
VLAI
Title
Apache SeaTunnel Web: Arbitrary file read vulnerability
Summary
Mysql security vulnerability in Apache SeaTunnel.
Attackers can read files on the MySQL server by modifying the information in the MySQL URL
allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360
This issue affects Apache SeaTunnel: 1.0.0.
Users are recommended to upgrade to version [1.0.1], which fixes the issue.
Severity
No CVSS data available.
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/48j9f1nsn037mgzc4… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache SeaTunnel Web |
Affected:
1.0.0
(maven)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_seatunnel_web:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apache_seatunnel_web",
"vendor": "apache_software_foundation",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-49198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:09:43.236377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T13:13:52.118Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-21T14:03:03.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/08/21/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"product": "Apache SeaTunnel Web",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.0.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "jiahua huang"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mysql security vulnerability in Apache SeaTunnel.\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAttackers can read files on the MySQL server by modifying the information in the MySQL URL\u003cbr\u003e\u003cbr\u003e allowLoadLocalInfile=true\u0026amp;allowUrlInLocalInfile=true\u0026amp;allowLoadLocalInfileInPath=/\u0026amp;maxAllowedPacket=655360\u003c/span\u003e\u003c/tt\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache SeaTunnel: 1.0.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version [1.0.1], which fixes the issue.\u003c/p\u003e"
}
],
"value": "Mysql security vulnerability in Apache SeaTunnel.\n\nAttackers can read files on the MySQL server by modifying the information in the MySQL URL\n\n allowLoadLocalInfile=true\u0026allowUrlInLocalInfile=true\u0026allowLoadLocalInfileInPath=/\u0026maxAllowedPacket=655360\nThis issue affects Apache SeaTunnel: 1.0.0.\n\nUsers are recommended to upgrade to version [1.0.1], which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T13:04:21.616Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/48j9f1nsn037mgzc4j9o51nwglb1s08h"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache SeaTunnel Web: Arbitrary file read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-49198",
"datePublished": "2024-08-21T09:37:57.478Z",
"dateReserved": "2023-11-23T08:40:08.326Z",
"dateUpdated": "2024-08-23T13:04:21.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50164 (GCVE-0-2023-50164)
Vulnerability from cvelistv5 – Published: 2023-12-07 08:49 – Updated: 2025-03-14 03:55
VLAI
Title
Apache Struts: File upload component had a directory traversal vulnerability
Summary
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
Severity
No CVSS data available.
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
4 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Struts |
Affected:
2.0.0 , ≤ 2.5.32
(semver)
Affected: 6.0.0 , ≤ 6.3.0.1 (semver) |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/07/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231214-0010/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50164",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T03:55:16.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.struts",
"product": "Apache Struts",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.5.32",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.3.0.1",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Steven Seeley of Source Incite"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\u003c/span\u003e\u003cbr\u003eUsers are recommended to upgrade to versions \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eStruts 2.5.33 or Struts 6.3.0.2 or greater to\u003c/span\u003e\u0026nbsp;fix this issue.\u003cbr\u003e"
}
],
"value": "An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\nUsers are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to\u00a0fix this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T10:06:29.117Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory",
"mailing-list"
],
"url": "https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/07/1"
},
{
"url": "http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231214-0010/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Struts: File upload component had a directory traversal vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-50164",
"datePublished": "2023-12-07T08:49:19.853Z",
"dateReserved": "2023-12-04T08:37:57.468Z",
"dateUpdated": "2025-03-14T03:55:16.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5101 (GCVE-0-2023-5101)
Vulnerability from cvelistv5 – Published: 2023-10-09 12:07 – Updated: 2024-12-09 13:55
VLAI
Summary
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an
unprivileged remote attacker to download various files from the server via HTTP requests.
Severity
5.3 (Medium)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://sick.com/psirt | issue-tracking |
| https://sick.com/.well-known/csaf/white/2023/sca-… | vendor-advisory |
| https://sick.com/.well-known/csaf/white/2023/sca-… | x_csaf |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:44:53.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf"
},
{
"tags": [
"x_csaf",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:sick:apu0200:-:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "apu0200",
"vendor": "sick",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:47:19.122992Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T13:55:57.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "APU0200",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nFiles or Directories Accessible to External Parties in RDT400 in SICK APU allows an\nunprivileged remote attacker to download various files from the server via HTTP requests.\n\n"
}
],
"value": "\nFiles or Directories Accessible to External Parties in RDT400 in SICK APU allows an\nunprivileged remote attacker to download various files from the server via HTTP requests.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T12:07:13.545Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf"
},
{
"tags": [
"x_csaf"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\nThe recommended solution is to update the image to a version \u0026gt;= 4.0.0.6 as soon as possible.\u003cbr\u003e"
}
],
"value": "\n\n\nThe recommended solution is to update the image to a version \u003e= 4.0.0.6 as soon as possible.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-5101",
"datePublished": "2023-10-09T12:07:13.545Z",
"dateReserved": "2023-09-21T07:10:37.521Z",
"dateUpdated": "2024-12-09T13:55:57.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6375 (GCVE-0-2023-6375)
Vulnerability from cvelistv5 – Published: 2023-11-30 17:54 – Updated: 2024-08-02 08:28
VLAI
Title
Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely
Summary
Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials.
Severity
5.3 (Medium)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.tylertech.com/solutions/courts-public… | product |
| https://github.com/qwell/disorder-in-the-court/bl… | |
| https://techcrunch.com/2023/11/30/us-court-record… | media-coverage |
| https://www.cisa.gov/news-events/alerts/2023/11/3… | third-party-advisorygovernment-resource |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tyler Technologies | Court Case Management Plus |
Affected:
0
|
Date Public
2023-11-30 17:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.tylertech.com/solutions/courts-public-safety/courts-justice"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md"
},
{
"tags": [
"media-coverage",
"x_transferred"
],
"url": "https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/"
},
{
"tags": [
"third-party-advisory",
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Court Case Management Plus",
"vendor": "Tyler Technologies",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2023-11-30T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eTyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T20:54:37.073Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.tylertech.com/solutions/courts-public-safety/courts-justice"
},
{
"url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md"
},
{
"tags": [
"media-coverage"
],
"url": "https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/"
},
{
"tags": [
"third-party-advisory",
"government-resource"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2023-6375",
"datePublished": "2023-11-30T17:54:25.462Z",
"dateReserved": "2023-11-29T04:02:43.335Z",
"dateUpdated": "2024-08-02T08:28:21.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0949 (GCVE-0-2024-0949)
Vulnerability from cvelistv5 – Published: 2024-06-27 09:36 – Updated: 2025-10-14 12:33
VLAI
Title
Improper Access Control in Talya Informatics' Elektraweb
Summary
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.This issue affects Elektraweb: before v17.0.68.
Severity
9.8 (Critical)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Talya Informatics | Elektraweb |
Affected:
0 , < v17.0.68
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:talya_informatics:elektraweb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "elektraweb",
"vendor": "talya_informatics",
"versions": [
{
"lessThan": "v17.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0949",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T13:32:07.238546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T13:37:21.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:28.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elektraweb",
"vendor": "Talya Informatics",
"versions": [
{
"lessThan": "v17.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yusuf Kamil \u00c7AVU\u015eO\u011eLU"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.\u003cp\u003eThis issue affects Elektraweb: before v17.0.68.\u003c/p\u003e"
}
],
"value": "Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.This issue affects Elektraweb: before v17.0.68."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T12:33:41.539Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"
}
],
"source": {
"advisory": "TR-24-0808",
"defect": [
"TR-24-0808"
],
"discovery": "UNKNOWN"
},
"title": "Improper Access Control in Talya Informatics\u0027 Elektraweb",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-0949",
"datePublished": "2024-06-27T09:36:59.897Z",
"dateReserved": "2024-01-26T13:00:20.711Z",
"dateUpdated": "2025-10-14T12:33:41.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phases: Implementation, System Configuration, Operation
Description:
- When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.