Search criteria
3 vulnerabilities found for workbooth by workbooth_project
FKIE_CVE-2024-9576
Vulnerability from fkie_nvd - Published: 2024-10-07 15:15 - Updated: 2024-11-12 19:34
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| workbooth_project | workbooth | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:workbooth_project:workbooth:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BEEFCB-078A-4302-B639-E362350A7CC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve-coordination@incibe.es",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script."
},
{
"lang": "es",
"value": "Vulnerabilidad en Distro Linux Workbooth v2.5 que permite escalar privilegios al usuario root manipulando el script de configuraci\u00f3n de red."
}
],
"id": "CVE-2024-9576",
"lastModified": "2024-11-12T19:34:37.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "cve-coordination@incibe.es",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-07T15:15:10.467",
"references": [
{
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro"
}
],
"sourceIdentifier": "cve-coordination@incibe.es",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "cve-coordination@incibe.es",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-9576 (GCVE-0-2024-9576)
Vulnerability from cvelistv5 – Published: 2024-10-07 14:28 – Updated: 2024-10-07 18:11 Unsupported When Assigned
VLAI?
Title
Improper access control in Linux Workbooth Distro
Summary
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux Workbooth | Linux Workbooth |
Affected:
2.5
|
Credits
Rafael Pedrero
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux_workbooth:linux_workbooth:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_workbooth",
"vendor": "linux_workbooth",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9576",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T17:05:40.125290Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T18:11:41.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux Workbooth",
"vendor": "Linux Workbooth",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafael Pedrero"
}
],
"datePublic": "2024-10-07T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script."
}
],
"value": "Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T14:28:12.780Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Improper access control in Linux Workbooth Distro",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2024-9576",
"datePublished": "2024-10-07T14:28:12.780Z",
"dateReserved": "2024-10-07T09:00:12.996Z",
"dateUpdated": "2024-10-07T18:11:41.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9576 (GCVE-0-2024-9576)
Vulnerability from nvd – Published: 2024-10-07 14:28 – Updated: 2024-10-07 18:11 Unsupported When Assigned
VLAI?
Title
Improper access control in Linux Workbooth Distro
Summary
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux Workbooth | Linux Workbooth |
Affected:
2.5
|
Credits
Rafael Pedrero
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux_workbooth:linux_workbooth:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_workbooth",
"vendor": "linux_workbooth",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9576",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T17:05:40.125290Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T18:11:41.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux Workbooth",
"vendor": "Linux Workbooth",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafael Pedrero"
}
],
"datePublic": "2024-10-07T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script."
}
],
"value": "Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T14:28:12.780Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Improper access control in Linux Workbooth Distro",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2024-9576",
"datePublished": "2024-10-07T14:28:12.780Z",
"dateReserved": "2024-10-07T09:00:12.996Z",
"dateUpdated": "2024-10-07T18:11:41.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}