CVE-2024-50588
Vulnerability from cvelistv5
Published
2024-11-08 08:37
Modified
2024-11-08 15:24
Severity ?
EPSS score ?
Summary
Unprotected Exposed Firebird Database with default credentials
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hasomed:elefant:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "elefant",
"vendor": "hasomed",
"versions": [
{
"lessThan": "24.03.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-50588",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T15:22:07.112507Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T15:24:00.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elefant",
"vendor": "HASOMED",
"versions": [
{
"status": "affected",
"version": "\u003c24.03.03",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn unauthenticated attacker with access to the local network of the \nmedical office can use known default credentials to gain remote DBA \naccess to the Elefant Firebird database. The data in the database \nincludes patient data and login credentials among other sensitive data. \nIn addition, this enables an attacker to create and overwrite arbitrary \nfiles on the server filesystem with the rights of the Firebird database \n(\"NT AUTHORITY\\SYSTEM\").\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker with access to the local network of the \nmedical office can use known default credentials to gain remote DBA \naccess to the Elefant Firebird database. The data in the database \nincludes patient data and login credentials among other sensitive data. \nIn addition, this enables an attacker to create and overwrite arbitrary \nfiles on the server filesystem with the rights of the Firebird database \n(\"NT AUTHORITY\\SYSTEM\")."
}
],
"impacts": [
{
"capecId": "CAPEC-70",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-70 Try Common or Default Usernames and Passwords"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393 Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-419",
"description": "CWE-419 Unprotected Primary Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:37:03.702Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/hasomed"
},
{
"tags": [
"patch"
],
"url": "https://hasomed.de/produkte/elefant/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe vendor fixed the issue in version 24.03.03 (or higher) which can be downloaded from \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://hasomed.de/produkte/elefant/\"\u003ehasomed.de/produkte/elefant/\u003c/a\u003e or via the Elefant Software Updater.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "The vendor fixed the issue in version 24.03.03 (or higher) which can be downloaded from hasomed.de/produkte/elefant/ https://hasomed.de/produkte/elefant/ or via the Elefant Software Updater."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unprotected Exposed Firebird Database with default credentials",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWhile workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor.\u003c/p\u003e"
}
],
"value": "While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2024-50588",
"datePublished": "2024-11-08T08:37:03.702Z",
"dateReserved": "2024-10-25T07:26:12.628Z",
"dateUpdated": "2024-11-08T15:24:00.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-50588\",\"sourceIdentifier\":\"551230f0-3615-47bd-b7cc-93e92e730bbf\",\"published\":\"2024-11-08T09:15:07.680\",\"lastModified\":\"2024-11-08T19:01:03.880\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unauthenticated attacker with access to the local network of the \\nmedical office can use known default credentials to gain remote DBA \\naccess to the Elefant Firebird database. The data in the database \\nincludes patient data and login credentials among other sensitive data. \\nIn addition, this enables an attacker to create and overwrite arbitrary \\nfiles on the server filesystem with the rights of the Firebird database \\n(\\\"NT AUTHORITY\\\\SYSTEM\\\").\"},{\"lang\":\"es\",\"value\":\"Un atacante no autenticado con acceso a la red local del consultorio m\u00e9dico puede utilizar credenciales predeterminadas conocidas para obtener acceso remoto de administrador de base de datos a la base de datos Firebird de Elefant. Los datos de la base de datos incluyen datos de pacientes y credenciales de inicio de sesi\u00f3n, entre otros datos confidenciales. Adem\u00e1s, esto permite a un atacante crear y sobrescribir archivos arbitrarios en el sistema de archivos del servidor con los derechos de la base de datos Firebird (\\\"NT AUTHORITY\\\\SYSTEM\\\").\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"551230f0-3615-47bd-b7cc-93e92e730bbf\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1393\"},{\"lang\":\"en\",\"value\":\"CWE-419\"}]}],\"references\":[{\"url\":\"https://hasomed.de/produkte/elefant/\",\"source\":\"551230f0-3615-47bd-b7cc-93e92e730bbf\"},{\"url\":\"https://r.sec-consult.com/hasomed\",\"source\":\"551230f0-3615-47bd-b7cc-93e92e730bbf\"}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.