All the vulnerabilites related to Allegra - Allegra
cve-2023-51644
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-102/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.532-06:00",
"datePublic": "2024-02-09T12:13:03.064-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the configuration of Struts. The issue results from improper access control. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22512."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:06.646Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-102",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-102/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51644",
"datePublished": "2024-11-22T20:05:06.646Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:06.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51638
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra Hard-coded Credentials Authentication Bypass Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-111/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0.24"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.496-06:00",
"datePublic": "2024-02-09T12:17:35.221-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the configuration of a database. The issue results from the use of a hardcoded password. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22360."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:00.240Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-111",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-111/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra Hard-coded Credentials Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51638",
"datePublished": "2024-11-22T20:05:00.240Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-11-22T20:05:00.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52333
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-104/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2024-01-11T14:42:51.889-06:00",
"datePublic": "2024-02-09T12:13:19.120-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.\n\nThe specific flaw exists within the saveFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22548."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:12.977Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-104",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-104/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra saveFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-52333",
"datePublished": "2024-11-22T20:05:12.977Z",
"dateReserved": "2024-01-11T20:39:58.815Z",
"dateUpdated": "2024-11-22T20:05:12.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5580
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1163/ | x_research-advisory | |
| https://alltena.com/en/resources/release-notes/relnotes-7-5-2 | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.1.9"
}
]
}
],
"dateAssigned": "2024-05-31T16:02:27.242-05:00",
"datePublic": "2024-08-22T15:34:23.098-05:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the loadFieldMatch method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-23452."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:26.675Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1163",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1163/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://alltena.com/en/resources/release-notes/relnotes-7-5-2"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-5580",
"datePublished": "2024-11-22T20:05:26.675Z",
"dateReserved": "2024-05-31T21:02:27.215Z",
"dateUpdated": "2024-11-22T20:05:26.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52334
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-112/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2024-01-11T14:42:51.898-06:00",
"datePublic": "2024-02-09T12:18:47.329-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.\n\nThe specific flaw exists within the downloadAttachmentGlobal action. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22507."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:14.057Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-112",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-112/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-52334",
"datePublished": "2024-11-22T20:05:14.057Z",
"dateReserved": "2024-01-11T20:39:58.816Z",
"dateUpdated": "2024-11-22T20:05:14.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51642
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-105/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.520-06:00",
"datePublic": "2024-02-09T12:16:32.339-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.\n\nThe specific flaw exists within the loadFieldMatch method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22506."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:04.508Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-105",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-105/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51642",
"datePublished": "2024-11-22T20:05:04.508Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:04.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51647
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-108/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.551-06:00",
"datePublic": "2024-02-09T12:17:12.529-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the saveInlineEdit method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22528."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:09.693Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-108",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-108/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51647",
"datePublished": "2024-11-22T20:05:09.693Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:09.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51640
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-107/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.508-06:00",
"datePublic": "2024-02-09T12:16:58.382-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the extarctZippedFile [sic] method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22504."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:02.383Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-107",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-107/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51640",
"datePublished": "2024-11-22T20:05:02.383Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-11-22T20:05:02.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52332
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-100/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2024-01-11T14:42:51.877-06:00",
"datePublic": "2024-02-09T12:12:47.043-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the serveMathJaxLibraries method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22532."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:12.032Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-100",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-100/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-52332",
"datePublished": "2024-11-22T20:05:12.032Z",
"dateReserved": "2024-01-11T20:39:58.815Z",
"dateUpdated": "2024-11-22T20:05:12.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51648
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-099/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.556-06:00",
"datePublic": "2024-02-09T12:12:40.085-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a registration mechanism that can be used to create a new user with a sufficient privilege level.\n\nThe specific flaw exists within the getFileContentAsString method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22530."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:10.665Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-099",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-099/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51648",
"datePublished": "2024-11-22T20:05:10.665Z",
"dateReserved": "2023-12-20T21:52:34.965Z",
"dateUpdated": "2024-11-22T20:05:10.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5579
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1162/ | x_research-advisory | |
| https://alltena.com/en/resources/release-notes/relnotes-7-5-2 | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.1.9"
}
]
}
],
"dateAssigned": "2024-05-31T16:01:12.004-05:00",
"datePublic": "2024-08-22T15:34:19.063-05:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the renderFieldMatch method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-23451."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:25.729Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1162",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1162/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://alltena.com/en/resources/release-notes/relnotes-7-5-2"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-5579",
"datePublished": "2024-11-22T20:05:25.729Z",
"dateReserved": "2024-05-31T21:01:11.974Z",
"dateUpdated": "2024-11-22T20:05:25.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51645
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-101/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.538-06:00",
"datePublic": "2024-02-09T12:12:55.727-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the unzipFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22513."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:07.712Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-101",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-101/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51645",
"datePublished": "2024-11-22T20:05:07.712Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:07.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5581
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1164/ | x_research-advisory | |
| https://alltena.com/en/resources/release-notes/relnotes-7-5-2 | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.1.9"
}
]
}
],
"dateAssigned": "2024-05-31T16:03:03.395-05:00",
"datePublic": "2024-08-22T15:34:25.614-05:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the unzipFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-23453."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:27.761Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1164",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1164/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://alltena.com/en/resources/release-notes/relnotes-7-5-2"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-5581",
"datePublished": "2024-11-22T20:05:27.761Z",
"dateReserved": "2024-05-31T21:03:03.369Z",
"dateUpdated": "2024-11-22T20:05:27.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51641
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-106/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.514-06:00",
"datePublic": "2024-02-09T12:16:50.832-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege level.\n\nThe specific flaw exists within the renderFieldMatch method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22505."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:03.435Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-106",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-106/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51641",
"datePublished": "2024-11-22T20:05:03.435Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:03.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30372
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1165/ | x_research-advisory | |
| https://alltena.com/en/resources/release-notes/relnotes-7-5-2 | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.2"
}
]
}
],
"dateAssigned": "2024-03-26T14:40:42.730-05:00",
"datePublic": "2024-08-22T15:34:28.412-05:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of getLinkText method. The issue results from the lack of proper validation of a user-supplied string before processing it with the template engine. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-23609."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:18.344Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1165",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1165/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://alltena.com/en/resources/release-notes/relnotes-7-5-2"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-30372",
"datePublished": "2024-11-22T20:05:18.344Z",
"dateReserved": "2024-03-26T18:52:36.419Z",
"dateUpdated": "2024-11-22T20:05:18.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51646
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-109/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.545-06:00",
"datePublic": "2024-02-09T12:17:20.245-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the uploadSimpleFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22527."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:08.765Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-109",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-109/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51646",
"datePublished": "2024-11-22T20:05:08.765Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:08.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51639
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-110/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0.24"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.502-06:00",
"datePublic": "2024-02-09T12:17:27.579-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the downloadExportedChart action. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22361."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:01.359Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-110",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-110/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51639",
"datePublished": "2024-11-22T20:05:01.359Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-11-22T20:05:01.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51643
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-103/ | x_research-advisory | |
| https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html | vendor-advisory |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Allegra",
"vendor": "Allegra",
"versions": [
{
"status": "affected",
"version": "7.5.0 build 29"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.526-06:00",
"datePublic": "2024-02-09T12:13:11.491-06:00",
"descriptions": [
{
"lang": "en",
"value": "Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the uploadFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of LOCAL SERVICE. Was ZDI-CAN-22510."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:05:05.635Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-103",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-103/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html"
}
],
"source": {
"lang": "en",
"value": "06fe5fd2bc53027c4a3b7e395af0b850e7b8a044"
},
"title": "Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51643",
"datePublished": "2024-11-22T20:05:05.635Z",
"dateReserved": "2023-12-20T21:52:34.964Z",
"dateUpdated": "2024-11-22T20:05:05.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}