Action not permitted
Modal body text goes here.
Modal Title
Modal Body
Vulnerability from csaf_ncscnl
Published
2024-08-13 09:21
Modified
2024-08-13 09:21
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Spoofing
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-125
Out-of-bounds Read
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-250
Execution with Unnecessary Privileges
CWE-256
Plaintext Storage of a Password
CWE-269
Improper Privilege Management
CWE-284
Improper Access Control
CWE-307
Improper Restriction of Excessive Authentication Attempts
CWE-326
Inadequate Encryption Strength
CWE-358
Improperly Implemented Security Check for Standard
CWE-488
Exposure of Data Element to Wrong Session
CWE-521
Weak Password Requirements
CWE-524
Use of Cache Containing Sensitive Information
CWE-532
Insertion of Sensitive Information into Log File
CWE-863
Incorrect Authorization
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Spoofing\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", "title": "Interpretaties" }, { "category": "description", "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" }, { "category": "general", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" }, { "category": "general", "text": "Plaintext Storage of a Password", "title": "CWE-256" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" }, { "category": "general", "text": "Inadequate Encryption Strength", "title": "CWE-326" }, { "category": "general", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" }, { "category": "general", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" }, { "category": "general", "text": "Weak Password Requirements", "title": "CWE-521" }, { "category": "general", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" }, { "category": "general", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" }, { "category": "general", "text": "Incorrect Authorization", "title": "CWE-863" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-357412.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-417547.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-659443.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-716317.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-720392.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-856475.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-921449.pdf" } ], "title": "Kwetsbaarheden verholpen in Siemens producten", "tracking": { "current_release_date": "2024-08-13T09:21:28.381575Z", "id": "NCSC-2024-0332", "initial_release_date": "2024-08-13T09:21:28.381575Z", "revision_history": [ { "date": "2024-08-13T09:21:28.381575Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "vulnerabilities": [ { "cve": "CVE-2023-4611", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-4611", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4611.json" } ], "title": "CVE-2023-4611" }, { "cve": "CVE-2023-5180", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "references": [ { "category": "self", "summary": "CVE-2023-5180", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5180.json" } ], "title": "CVE-2023-5180" }, { "cve": "CVE-2023-5868", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Function Call With Incorrect Argument Type", "title": "CWE-686" } ], "references": [ { "category": "self", "summary": "CVE-2023-5868", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5868.json" } ], "title": "CVE-2023-5868" }, { "cve": "CVE-2023-5869", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-5869", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5869.json" } ], "title": "CVE-2023-5869" }, { "cve": "CVE-2023-5870", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-5870", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5870.json" } ], "title": "CVE-2023-5870" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "notes": [ { "category": "other", "text": "Serializable Class Containing Sensitive Data", "title": "CWE-499" } ], "references": [ { "category": "self", "summary": "CVE-2023-6378", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6378.json" } ], "title": "CVE-2023-6378" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-6481", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6481.json" } ], "title": "CVE-2023-6481" }, { "cve": "CVE-2023-26495", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-26495", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26495.json" } ], "title": "CVE-2023-26495" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-31122", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-31122.json" } ], "title": "CVE-2023-31122" }, { "cve": "CVE-2023-34050", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "references": [ { "category": "self", "summary": "CVE-2023-34050", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34050.json" } ], "title": "CVE-2023-34050" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-39615", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json" } ], "title": "CVE-2023-39615" }, { "cve": "CVE-2023-42794", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42794", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42794.json" } ], "title": "CVE-2023-42794" }, { "cve": "CVE-2023-42795", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json" } ], "title": "CVE-2023-42795" }, { "cve": "CVE-2023-43622", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-43622", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43622.json" } ], "title": "CVE-2023-43622" }, { "cve": "CVE-2023-44321", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44321", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44321.json" } ], "title": "CVE-2023-44321" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45648", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-45648", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json" } ], "title": "CVE-2023-45648" }, { "cve": "CVE-2023-45802", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-45802", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45802.json" } ], "title": "CVE-2023-45802" }, { "cve": "CVE-2023-46120", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-46120", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46120.json" } ], "title": "CVE-2023-46120" }, { "cve": "CVE-2023-46280", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-46280", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46280.json" } ], "title": "CVE-2023-46280" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "notes": [ { "category": "other", "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "title": "CWE-444" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-46589", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json" } ], "title": "CVE-2023-46589" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-0056", "cwe": { "id": "CWE-420", "name": "Unprotected Alternate Channel" }, "notes": [ { "category": "other", "text": "Unprotected Alternate Channel", "title": "CWE-420" }, { "category": "other", "text": "Cleartext Transmission of Sensitive Information", "title": "CWE-319" } ], "references": [ { "category": "self", "summary": "CVE-2024-0056", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0056.json" } ], "title": "CVE-2024-0056" }, { "cve": "CVE-2024-0985", "cwe": { "id": "CWE-271", "name": "Privilege Dropping / Lowering Errors" }, "notes": [ { "category": "other", "text": "Privilege Dropping / Lowering Errors", "title": "CWE-271" } ], "references": [ { "category": "self", "summary": "CVE-2024-0985", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0985.json" } ], "title": "CVE-2024-0985" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2024-25062", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json" } ], "title": "CVE-2024-25062" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28757", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-28757", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28757.json" } ], "title": "CVE-2024-28757" }, { "cve": "CVE-2024-30045", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "references": [ { "category": "self", "summary": "CVE-2024-30045", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30045.json" } ], "title": "CVE-2024-30045" }, { "cve": "CVE-2024-32635", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32635", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32635.json" } ], "title": "CVE-2024-32635" }, { "cve": "CVE-2024-32636", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32636", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32636.json" } ], "title": "CVE-2024-32636" }, { "cve": "CVE-2024-32637", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "references": [ { "category": "self", "summary": "CVE-2024-32637", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32637.json" } ], "title": "CVE-2024-32637" }, { "cve": "CVE-2024-36398", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "notes": [ { "category": "other", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" } ], "references": [ { "category": "self", "summary": "CVE-2024-36398", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36398.json" } ], "title": "CVE-2024-36398" }, { "cve": "CVE-2024-39922", "cwe": { "id": "CWE-256", "name": "Plaintext Storage of a Password" }, "notes": [ { "category": "other", "text": "Plaintext Storage of a Password", "title": "CWE-256" } ], "references": [ { "category": "self", "summary": "CVE-2024-39922", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39922.json" } ], "title": "CVE-2024-39922" }, { "cve": "CVE-2024-41681", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "other", "text": "Inadequate Encryption Strength", "title": "CWE-326" } ], "references": [ { "category": "self", "summary": "CVE-2024-41681", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41681.json" } ], "title": "CVE-2024-41681" }, { "cve": "CVE-2024-41682", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41682", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41682.json" } ], "title": "CVE-2024-41682" }, { "cve": "CVE-2024-41683", "cwe": { "id": "CWE-521", "name": "Weak Password Requirements" }, "notes": [ { "category": "other", "text": "Weak Password Requirements", "title": "CWE-521" } ], "references": [ { "category": "self", "summary": "CVE-2024-41683", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41683.json" } ], "title": "CVE-2024-41683" }, { "cve": "CVE-2024-41903", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "references": [ { "category": "self", "summary": "CVE-2024-41903", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41903.json" } ], "title": "CVE-2024-41903" }, { "cve": "CVE-2024-41904", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41904", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41904.json" } ], "title": "CVE-2024-41904" }, { "cve": "CVE-2024-41905", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "references": [ { "category": "self", "summary": "CVE-2024-41905", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41905.json" } ], "title": "CVE-2024-41905" }, { "cve": "CVE-2024-41906", "cwe": { "id": "CWE-524", "name": "Use of Cache Containing Sensitive Information" }, "notes": [ { "category": "other", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" } ], "references": [ { "category": "self", "summary": "CVE-2024-41906", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41906.json" } ], "title": "CVE-2024-41906" }, { "cve": "CVE-2024-41907", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "notes": [ { "category": "other", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" } ], "references": [ { "category": "self", "summary": "CVE-2024-41907", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41907.json" } ], "title": "CVE-2024-41907" }, { "cve": "CVE-2024-41908", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-41908", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41908.json" } ], "title": "CVE-2024-41908" }, { "cve": "CVE-2024-41938", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "other", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" } ], "references": [ { "category": "self", "summary": "CVE-2024-41938", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41938.json" } ], "title": "CVE-2024-41938" }, { "cve": "CVE-2024-41939", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41939", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41939.json" } ], "title": "CVE-2024-41939" }, { "cve": "CVE-2024-41940", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41940", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41940.json" } ], "title": "CVE-2024-41940" }, { "cve": "CVE-2024-41941", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41941", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41941.json" } ], "title": "CVE-2024-41941" }, { "cve": "CVE-2024-41976", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41976.json" } ], "title": "CVE-2024-41976" }, { "cve": "CVE-2024-41977", "cwe": { "id": "CWE-488", "name": "Exposure of Data Element to Wrong Session" }, "notes": [ { "category": "other", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" } ], "references": [ { "category": "self", "summary": "CVE-2024-41977", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41977.json" } ], "title": "CVE-2024-41977" }, { "cve": "CVE-2024-41978", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "notes": [ { "category": "other", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" } ], "references": [ { "category": "self", "summary": "CVE-2024-41978", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41978.json" } ], "title": "CVE-2024-41978" } ] }
cve-2023-46589
Vulnerability from cvelistv5
Published
2023-11-28 15:31
Modified
2024-08-02 20:45
Severity ?
EPSS score ?
Summary
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single
request as multiple requests leading to the possibility of request
smuggling when behind a reverse proxy.
Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.0-M10 Version: 10.1.0-M1 ≤ 10.1.15 Version: 9.0.0-M1 ≤ 9.0.82 Version: 8.5.0 ≤ 8.5.95 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "tomcat", "vendor": "apache", "versions": [ { "lessThanOrEqual": "11.0.0-m10", "status": "affected", "version": "11.0.0-m1", "versionType": "custom" }, { "lessThanOrEqual": "10.1.15", "status": "affected", "version": "10.1.0-M1", "versionType": "custom" }, { "lessThanOrEqual": "9.0.82", "status": "affected", "version": "9.0.0-M1", "versionType": "custom" }, { "lessThanOrEqual": "8.5.95", "status": "affected", "version": "8.5.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-46589", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T16:04:24.661745Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T17:19:10.688Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T20:45:42.297Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/11/28/2" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231214-0009/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "11.0.0-M10", "status": "affected", "version": "11.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "10.1.15", "status": "affected", "version": "10.1.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.82", "status": "affected", "version": "9.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.95", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Norihito Aimoto (OSSTech Corporation) " } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Input Validation vulnerability in Apache Tomcat.\u003cp\u003eTomcat \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95\u003c/span\u003e did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUsers are recommended to upgrade to version 11.0.0-M11\u0026nbsp;onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e" } ], "value": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\n\nUsers are recommended to upgrade to version 11.0.0-M11\u00a0onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-05T09:49:55.646Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr" }, { "url": "https://www.openwall.com/lists/oss-security/2023/11/28/2" }, { "url": "https://security.netapp.com/advisory/ntap-20231214-0009/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Apache Tomcat: HTTP request smuggling via malformed trailer headers", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-46589", "datePublished": "2023-11-28T15:31:52.366Z", "dateReserved": "2023-10-23T08:14:01.046Z", "dateUpdated": "2024-08-02T20:45:42.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-46280
Vulnerability from cvelistv5
Published
2024-05-14 10:01
Modified
2024-12-10 13:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-46280", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T14:20:28.448026Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:08.819Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:40.324Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Security Configuration Tool (SCT)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Automation Tool", "vendor": "Siemens", "versions": [ { "lessThan": "V5.0 SP2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC BATCH V9.1", "vendor": "Siemens", "versions": [ { "lessThan": "V9.1 SP2 Upd5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V16", "vendor": "Siemens", "versions": [ { "lessThan": "V16 Update 8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V17", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V18", "vendor": "Siemens", "versions": [ { "lessThan": "V18 SP1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V19", "vendor": "Siemens", "versions": [ { "lessThan": "V19 Update 2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PCS 7 V9.1", "vendor": "Siemens", "versions": [ { "lessThan": "V9.1 SP2 UC05", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PDM V9.2", "vendor": "Siemens", "versions": [ { "lessThan": "V9.2 SP2 Upd3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Route Control V9.1", "vendor": "Siemens", "versions": [ { "lessThan": "V9.1 SP2 Upd3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PCT", "vendor": "Siemens", "versions": [ { "lessThan": "V3.5 SP3 Update 6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC STEP 7 V5", "vendor": "Siemens", "versions": [ { "lessThan": "V5.7 SP3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.17", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.18", "vendor": "Siemens", "versions": [ { "lessThan": "V3.18 P025", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.19", "vendor": "Siemens", "versions": [ { "lessThan": "V3.19 P010", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "lessThan": "V17 Update 8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V16", "vendor": "Siemens", "versions": [ { "lessThan": "V16 Update 6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V17", "vendor": "Siemens", "versions": [ { "lessThan": "V17 Update 8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V18", "vendor": "Siemens", "versions": [ { "lessThan": "V18 Update 4", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V19", "vendor": "Siemens", "versions": [ { "lessThan": "V19 Update 2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V7.4", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V7.5", "vendor": "Siemens", "versions": [ { "lessThan": "V7.5 SP2 Update 17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V8.0", "vendor": "Siemens", "versions": [ { "lessThan": "V8.0 Update 5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS Startdrive", "vendor": "Siemens", "versions": [ { "lessThan": "V19 SP1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0 SP1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK ONE virtual", "vendor": "Siemens", "versions": [ { "lessThan": "V6.23", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK PLC Programming Tool", "vendor": "Siemens", "versions": [ { "lessThan": "V3.3.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "TIA Portal Cloud Connector", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Totally Integrated Automation Portal (TIA Portal) V15.1", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Totally Integrated Automation Portal (TIA Portal) V16", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Totally Integrated Automation Portal (TIA Portal) V17", "vendor": "Siemens", "versions": [ { "lessThan": "V17 Update 8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Totally Integrated Automation Portal (TIA Portal) V18", "vendor": "Siemens", "versions": [ { "lessThan": "V18 Update 4", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Totally Integrated Automation Portal (TIA Portal) V19", "vendor": "Siemens", "versions": [ { "lessThan": "V19 Update 2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions \u003c V5.0 SP2), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions \u003c V18 SP1), SIMATIC NET PC Software V19 (All versions \u003c V19 Update 2), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions \u003c V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions \u003c V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions \u003c V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions \u003c V3.18 P025), SIMATIC WinCC OA V3.19 (All versions \u003c V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5), SINAMICS Startdrive (All versions \u003c V19 SP1), SINEC NMS (All versions \u003c V3.0), SINEC NMS (All versions \u003c V3.0 SP1), SINUMERIK ONE virtual (All versions \u003c V6.23), SINUMERIK PLC Programming Tool (All versions \u003c V3.3.12), TIA Portal Cloud Connector (All versions \u003c V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T13:53:28.579Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-46280", "datePublished": "2024-05-14T10:01:52.069Z", "dateReserved": "2023-10-20T08:02:52.794Z", "dateUpdated": "2024-12-10T13:53:28.579Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-34050
Vulnerability from cvelistv5
Published
2023-10-19 07:11
Modified
2024-09-12 17:58
Severity ?
EPSS score ?
Summary
In spring AMQP versions 1.0.0 to
2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class
names were added to Spring AMQP, allowing users to lock down deserialization of
data in messages from untrusted sources; however by default, when no allowed
list was provided, all classes could be deserialized.
Specifically, an application is
vulnerable if
* the
SimpleMessageConverter or SerializerMessageConverter is used
* the user
does not configure allowed list patterns
* untrusted
message originators gain permissions to write messages to the RabbitMQ
broker to send malicious content
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Spring | Spring AMQP |
Version: 1.0.0 Version: 3.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:01:52.410Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://spring.io/security/cve-2023-34050" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-34050", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-12T17:58:30.805271Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-12T17:58:46.718Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "MacOS", "Linux", "iOS", "Android", "x86", "ARM", "64 bit", "Windows", "32 bit" ], "product": "Spring AMQP", "vendor": "Spring", "versions": [ { "lessThan": "2.4.17", "status": "affected", "version": "1.0.0", "versionType": "2.4.17" }, { "lessThan": "3.0.10", "status": "affected", "version": "3.0.0", "versionType": "3.0.10" } ] } ], "datePublic": "2023-10-18T06:52:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\n\n\n\n\n\n\n\n\n\u003cp\u003eIn spring AMQP versions 1.0.0 to\n2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class\nnames were added to Spring AMQP, allowing users to lock down deserialization of\ndata in messages from untrusted sources; however by default, when no allowed\nlist was provided, all classes could be deserialized.\u003c/p\u003e\n\n\u003cp\u003eSpecifically, an application is\nvulnerable if\u003c/p\u003e\n\n\u003cul\u003e\n \u003cli\u003ethe\n SimpleMessageConverter or SerializerMessageConverter is used\u003c/li\u003e\n \u003cli\u003ethe user\n does not configure allowed list patterns\u003c/li\u003e\n \u003cli\u003euntrusted\n message originators gain permissions to write messages to the RabbitMQ\n broker to send malicious content\u003c/li\u003e\n\u003c/ul\u003e\n\n\n\n\n\n" } ], "value": "\n\n\n\n\n\n\n\n\n\nIn spring AMQP versions 1.0.0 to\n2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class\nnames were added to Spring AMQP, allowing users to lock down deserialization of\ndata in messages from untrusted sources; however by default, when no allowed\nlist was provided, all classes could be deserialized.\n\n\n\nSpecifically, an application is\nvulnerable if\n\n\n\n\n * the\n SimpleMessageConverter or SerializerMessageConverter is used\n\n * the user\n does not configure allowed list patterns\n\n * untrusted\n message originators gain permissions to write messages to the RabbitMQ\n broker to send malicious content\n\n\n\n\n\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-19T07:11:35.038Z", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware" }, "references": [ { "url": "https://spring.io/security/cve-2023-34050" } ], "source": { "discovery": "UNKNOWN" }, "title": "Spring AMQP Deserialization Vulnerability", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2023-34050", "datePublished": "2023-10-19T07:11:35.038Z", "dateReserved": "2023-05-25T17:21:56.203Z", "dateUpdated": "2024-09-12T17:58:46.718Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-44321
Vulnerability from cvelistv5
Published
2023-11-14 11:04
Modified
2024-08-13 07:52
Severity ?
EPSS score ?
Summary
Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.
References
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf | ||
https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf | ||
https://cert-portal.siemens.com/productcert/html/ssa-699386.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-180704.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-602936.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-353002.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-087301.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:59:51.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M804PB", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M812-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M816-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M826-2 SHDSL-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-2", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3 3G-Router (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3 (ROK)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (NAM)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (RoW)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 EEC LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3 (SC, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3 (ST, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3 (ST, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3 (ST, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3LD (SC, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB205-3LD (SC, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB208 (E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB208 (PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3 (SC, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3 (SC, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3 (ST, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3 (ST, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3LD (SC, E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB213-3LD (SC, PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB216 (E/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XB216 (PN)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2 (SC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2 (ST/BFOC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2G PoE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2G PoE (54 V DC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2G PoE EEC (54 V DC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2SFP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2SFP EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2SFP G", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2SFP G (EIP DEF.)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC206-2SFP G EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208G", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208G (EIP def.)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208G EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208G PoE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC208G PoE (54 V DC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-3G PoE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-3G PoE (54 V DC)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-4C", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-4C G", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-4C G (EIP Def.)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216-4C G EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC216EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC224", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC224-4C G", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC224-4C G (EIP Def.)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC224-4C G EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XF204", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XF204 DNA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XF204-2BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XF204-2BA DNA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP208", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP208 (Ethernet/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP208EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP208PoE EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP216", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP216 (Ethernet/IP)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP216EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XP216POE EEC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR324WG (24 x FE, AC 230V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR324WG (24 X FE, DC 24V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-2C PoE WG", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-2C PoE WG (without UL)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET SCALANCE XC206-2", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET SCALANCE XC206-2SFP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET SCALANCE XC208", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET SCALANCE XC216-4C", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again." } ], "metrics": [ { "cvssV3_1": { "baseScore": 2.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:52:20.955Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-44321", "datePublished": "2023-11-14T11:04:02.880Z", "dateReserved": "2023-09-28T16:18:45.648Z", "dateUpdated": "2024-08-13T07:52:20.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41904
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 14:25
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | SINEC Traffic Analyzer |
Version: 0 < V2.0 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_traffic_analyzer", "vendor": "siemens", "versions": [ { "lessThan": "2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41904", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T14:24:06.374688Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T14:25:30.856Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC Traffic Analyzer", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-307", "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:23.788Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41904", "datePublished": "2024-08-13T07:54:23.788Z", "dateReserved": "2024-07-23T10:56:51.268Z", "dateUpdated": "2024-08-13T14:25:30.856Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41682
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 17:54
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | Location Intelligence family |
Version: 0 < V4.4 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41682", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T17:54:14.995611Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T17:54:30.651Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Location Intelligence family", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Location Intelligence family (All versions \u003c V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-307", "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:19.932Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41682", "datePublished": "2024-08-13T07:54:19.932Z", "dateReserved": "2024-07-19T07:26:24.367Z", "dateUpdated": "2024-08-13T17:54:30.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41683
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:22
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | Location Intelligence family |
Version: 0 < V4.4 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:location_intelligence_family:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "location_intelligence_family", "vendor": "siemens", "versions": [ { "lessThan": "v4.4", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41683", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:20:27.851348Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:22:32.419Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Location Intelligence family", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Location Intelligence family (All versions \u003c V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-521", "description": "CWE-521: Weak Password Requirements", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:21.192Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41683", "datePublished": "2024-08-13T07:54:21.192Z", "dateReserved": "2024-07-19T07:26:24.367Z", "dateUpdated": "2024-08-13T13:22:32.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41903
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 14:22
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | SINEC Traffic Analyzer |
Version: 0 < V2.0 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_traffic_analyzer", "vendor": "siemens", "versions": [ { "lessThan": "2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41903", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T14:22:03.946308Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T14:22:58.678Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC Traffic Analyzer", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application mounts the container\u0027s root filesystem with read and write privileges. This could allow an attacker to alter the container\u0027s filesystem leading to unauthorized modifications and data corruption." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:22.465Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41903", "datePublished": "2024-08-13T07:54:22.465Z", "dateReserved": "2024-07-23T10:56:51.267Z", "dateUpdated": "2024-08-13T14:22:58.678Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41906
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-14 17:46
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
6.3 (Medium) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | SINEC Traffic Analyzer |
Version: 0 < V2.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41906", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-14T17:46:14.451715Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-14T17:46:26.134Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC Traffic Analyzer", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-524", "description": "CWE-524: Use of Cache Containing Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:26.385Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41906", "datePublished": "2024-08-13T07:54:26.385Z", "dateReserved": "2024-07-23T10:56:51.268Z", "dateUpdated": "2024-08-14T17:46:26.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41939
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 14:21
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_nms", "vendor": "siemens", "versions": [ { "lessThan": "3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41939", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T14:20:26.504156Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T14:21:41.360Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:31.595Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41939", "datePublished": "2024-08-13T07:54:31.595Z", "dateReserved": "2024-07-24T14:47:36.388Z", "dateUpdated": "2024-08-13T14:21:41.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6481
Vulnerability from cvelistv5
Published
2023-12-04 08:35
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
A serialization vulnerability in logback receiver component part of
logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | QOS.CH Sarl | logback | |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://logback.qos.ch/news.html#1.3.12" }, { "tags": [ "x_transferred" ], "url": "https://logback.qos.ch/news.html#1.3.14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "logback receiver" ], "platforms": [ "Windows", "Linux", "MacOS" ], "product": "logback", "repo": "https://github.com/qos-ch/logback", "vendor": "QOS.CH Sarl", "versions": [ { "status": "unaffected", "version": "1.4.14" }, { "status": "unaffected", "version": "1.3.14" }, { "status": "unaffected", "version": "1.2.13" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\u003cpre\u003eThe attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\u003cbr\u003eOnly environments where logback receiver is deployed are vulnerable. \u003cbr\u003e\u003c/pre\u003e\n\n" } ], "value": "The attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\nOnly environments where logback receiver is deployed are vulnerable. \n\n\n\n\n" } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Yakov Shafranovich, Amazon Web Services" }, { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Camilo Aparecido Ferri Moreira" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\nA serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u0026nbsp;1.3.13 and\u0026nbsp;1.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "value": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "Excessive CPU or memory usage on the host where a logback receiver component is deployed" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial-of-service using poisoned data", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-04T08:35:44.396Z", "orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch" }, "references": [ { "url": "https://logback.qos.ch/news.html#1.3.12" }, { "url": "https://logback.qos.ch/news.html#1.3.14" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\u003cbr\u003e\u003cbr\u003eIf you do not need to deploy logback-receiver, then please verify that you do not have any \u0026lt;receiver\u0026gt;\u0026lt;/receiver\u0026gt; entries in your configuration files.\u003cbr\u003e" } ], "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\n\nIf you do not need to deploy logback-receiver, then please verify that you do not have any \u003creceiver\u003e\u003c/receiver\u003e entries in your configuration files.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Logback \"receiver\" DOS vulnerability CVE-2023-6378 incomplete fix", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u0026nbsp; or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\u003cbr\u003e" } ], "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u00a0 or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "assignerShortName": "NCSC.ch", "cveId": "CVE-2023-6481", "datePublished": "2023-12-04T08:35:44.396Z", "dateReserved": "2023-12-04T08:34:29.742Z", "dateUpdated": "2024-08-02T08:28:21.829Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0056
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:39
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 (GDR) |
Version: 16.0.0 < 16.0.1110.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:41:15.885Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1110.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.1", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:data_sql_client:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:5.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft.Data.SqlClient", "vendor": "Microsoft", "versions": [ { "lessThan": "2.1.7", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "3.1.5", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "4.0.5", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "5.1.3", "status": "affected", "version": "1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:System.Data.SqlClient:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "System.Data.SqlClient", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.6", "status": "affected", "version": "1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (CU 10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4100.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04690.01", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.6614", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "3.0.50727.8976", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 23H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09214.01", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319: Cleartext Transmission of Sensitive Information", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:39:51.662Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056" } ], "title": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-0056", "datePublished": "2024-01-09T17:56:58.972Z", "dateReserved": "2023-11-22T17:43:06.743Z", "dateUpdated": "2024-10-08T15:39:51.662Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52426
Vulnerability from cvelistv5
Published
2024-02-04 00:00
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libexpat/libexpat/pull/777 | ||
https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 | ||
https://cwe.mitre.org/data/definitions/776.html | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ | vendor-advisory | |
https://security.netapp.com/advisory/ntap-20240307-0005/ |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52426", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-26T15:54:28.451554Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-26T15:54:41.111Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T22:55:41.522Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/777" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404" }, { "tags": [ "x_transferred" ], "url": "https://cwe.mitre.org/data/definitions/776.html" }, { "name": "FEDORA-2024-fbe1f0c1aa", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/" }, { "name": "FEDORA-2024-b8656bc059", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240307-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-07T17:06:55.610993", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/777" }, { "url": "https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404" }, { "url": "https://cwe.mitre.org/data/definitions/776.html" }, { "name": "FEDORA-2024-fbe1f0c1aa", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/" }, { "name": "FEDORA-2024-b8656bc059", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/" }, { "url": "https://security.netapp.com/advisory/ntap-20240307-0005/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-52426", "datePublished": "2024-02-04T00:00:00", "dateReserved": "2024-02-04T00:00:00", "dateUpdated": "2024-08-02T22:55:41.522Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-43622
Vulnerability from cvelistv5
Published
2023-10-23 06:50
Modified
2024-09-17 14:19
Severity ?
EPSS score ?
Summary
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.
This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.
This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.
Users are recommended to upgrade to version 2.4.58, which fixes the issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4.55 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:44:43.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-43622", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T16:02:28.689513Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T14:19:24.281Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "2.4.55", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Prof. Sven Dietrich (City University of New York)" }, { "lang": "en", "type": "finder", "value": "Isa Jafarov (City University of New York)" }, { "lang": "en", "type": "finder", "value": "Prof. Heejo Lee (Korea University)" }, { "lang": "en", "type": "finder", "value": "Choongin Lee (Korea University)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\u003cbr\u003e\u003cp\u003eThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\u003c/p\u003e" } ], "value": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "low" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-23T06:50:51.555Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2023-09-15T09:51:00.000Z", "value": "reported" } ], "title": "Apache HTTP Server: DoS in HTTP/2 with initial windows size 0", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-43622", "datePublished": "2023-10-23T06:50:51.555Z", "dateReserved": "2023-09-20T07:45:21.299Z", "dateUpdated": "2024-09-17T14:19:24.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-26495
Vulnerability from cvelistv5
Published
2023-04-10 00:00
Modified
2024-08-02 11:53
Severity ?
EPSS score ?
Summary
An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:53:53.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.opendesign.com/security-advisories" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-10T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.opendesign.com/security-advisories" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-26495", "datePublished": "2023-04-10T00:00:00", "dateReserved": "2023-02-23T00:00:00", "dateUpdated": "2024-08-02T11:53:53.975Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4611
Vulnerability from cvelistv5
Published
2023-08-29 21:25
Modified
2024-08-02 07:31
Severity ?
EPSS score ?
Summary
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-4611 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2227244 | issue-tracking, x_refsource_REDHAT | |
https://www.spinics.net/lists/stable-commits/msg310136.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | n/a | Kernel | |||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-4611" }, { "name": "RHBZ#2227244", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244" }, { "tags": [ "x_transferred" ], "url": "https://www.spinics.net/lists/stable-commits/msg310136.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kernel", "vendor": "n/a", "versions": [ { "status": "unaffected", "version": "6.5-rc4" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "unaffected", "packageName": "kernel", "product": "Fedora", "vendor": "Fedora" } ], "datePublic": "2023-07-28T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-23T01:56:22.319Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-4611" }, { "name": "RHBZ#2227244", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244" }, { "url": "https://www.spinics.net/lists/stable-commits/msg310136.html" } ], "timeline": [ { "lang": "en", "time": "2023-07-28T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-07-28T00:00:00+00:00", "value": "Made public." } ], "title": "Use after free race between mbind() and vma-locked page fault", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-416: Use After Free" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-4611", "datePublished": "2023-08-29T21:25:53.315Z", "dateReserved": "2023-08-29T19:31:43.618Z", "dateUpdated": "2024-08-02T07:31:06.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30045
Vulnerability from cvelistv5
Published
2024-05-14 16:57
Modified
2024-11-22 12:04
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.5 cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30045", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-15T17:32:06.325446Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:36.245Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-11-22T12:04:49.715Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045" }, { "url": "https://security.netapp.com/advisory/ntap-20241122-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.5", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.19", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.7", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.19", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.15", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.10", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.3", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] } ], "datePublic": "2024-05-14T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-19T20:58:48.805Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-30045", "datePublished": "2024-05-14T16:57:29.676Z", "dateReserved": "2024-03-22T23:12:13.408Z", "dateUpdated": "2024-11-22T12:04:49.715Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52425
Vulnerability from cvelistv5
Published
2024-02-04 00:00
Modified
2024-08-26 19:22
Severity ?
EPSS score ?
Summary
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libexpat/libexpat/pull/789 | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html | mailing-list | |
http://www.openwall.com/lists/oss-security/2024/03/20/5 | mailing-list | |
https://security.netapp.com/advisory/ntap-20240614-0003/ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:55:41.543Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/789" }, { "name": "FEDORA-2024-fbe1f0c1aa", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/" }, { "name": "FEDORA-2024-b8656bc059", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/" }, { "name": "[debian-lts-announce] 20240409 [SECURITY] [DLA 3783-1] expat security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html" }, { "name": "[oss-security] 20240320 Security fixes in Python 3.10.14, 3.9.19, and 3.8.19 (CVE-2023-6597 \u0026 CVE-2024-0450)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240614-0003/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "libexpat", "vendor": "libexpat_project", "versions": [ { "lessThanOrEqual": "2.5.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52425", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-26T19:20:56.852251Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-26T19:22:48.969Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T13:06:11.482117", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/789" }, { "name": "FEDORA-2024-fbe1f0c1aa", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/" }, { "name": "FEDORA-2024-b8656bc059", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/" }, { "name": "[debian-lts-announce] 20240409 [SECURITY] [DLA 3783-1] expat security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html" }, { "name": "[oss-security] 20240320 Security fixes in Python 3.10.14, 3.9.19, and 3.8.19 (CVE-2023-6597 \u0026 CVE-2024-0450)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "url": "https://security.netapp.com/advisory/ntap-20240614-0003/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-52425", "datePublished": "2024-02-04T00:00:00", "dateReserved": "2024-02-04T00:00:00", "dateUpdated": "2024-08-26T19:22:48.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5868
Vulnerability from cvelistv5
Published
2023-12-10 17:56
Modified
2024-11-15 15:10
Severity ?
EPSS score ?
Summary
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7545 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7579 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7580 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7581 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7616 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7656 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7666 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7667 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7694 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7695 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7714 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7770 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7772 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7784 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7785 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7883 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7884 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7885 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0304 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0332 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0337 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-5868 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2247168 | issue-tracking, x_refsource_REDHAT | |
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ | ||
https://www.postgresql.org/support/security/CVE-2023-5868/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Advanced Cluster Security 4.2 |
Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5868" }, { "name": "RHBZ#2247168", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240119-0003/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-5868/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113712.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231128173330.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113548.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231114115246.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128165328.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231114105206.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231128165335.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231113134015.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9030020231120082734.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream", "cpe:/a:redhat:rhel_eus:9.0::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020231115020618.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql12-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:12.17-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql13-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "postgresql:10/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "affected", "packageName": "rh-postgresql10-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges Jingzhou Fu as the original reporter." } ], "datePublic": "2023-11-09T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-686", "description": "Function Call With Incorrect Argument Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:10:57.961Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5868" }, { "name": "RHBZ#2247168", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168" }, { "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-5868/" } ], "timeline": [ { "lang": "en", "time": "2023-10-31T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-11-09T00:00:00+00:00", "value": "Made public." } ], "title": "Postgresql: memory disclosure in aggregate function calls", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-686: Function Call With Incorrect Argument Type" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5868", "datePublished": "2023-12-10T17:56:57.176Z", "dateReserved": "2023-10-31T03:56:17.314Z", "dateUpdated": "2024-11-15T15:10:57.961Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-32637
Vulnerability from cvelistv5
Published
2024-05-14 10:02
Modified
2024-08-13 07:54
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
References
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | JT2Go |
Version: 0 < V2312.0005 |
||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:ps_iges_parasolid_translator_component:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ps_iges_parasolid_translator_component", "vendor": "siemens", "versions": [ { "lessThan": "v27.1.215 ", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-32637", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-14T13:37:33.414539Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-18T18:07:35.849Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T02:13:40.086Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "JT2Go", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.2", "vendor": "Siemens", "versions": [ { "lessThan": "V14.2.0.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.3", "vendor": "Siemens", "versions": [ { "lessThan": "V14.3.0.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V2312", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition." } ], "metrics": [ { "cvssV3_1": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:07.678Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-32637", "datePublished": "2024-05-14T10:02:44.682Z", "dateReserved": "2024-04-16T10:52:15.707Z", "dateUpdated": "2024-08-13T07:54:07.678Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-32636
Vulnerability from cvelistv5
Published
2024-05-14 10:02
Modified
2024-08-13 07:54
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | JT2Go |
Version: 0 < V2312.0005 |
||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:parasolid:35.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "35.1.256", "status": "affected", "version": "35.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:siemens:parasolid:36.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "36.0.208", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:siemens:parasolid:36.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "36.1.173", "status": "affected", "version": "36.1", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-32636", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-14T13:37:41.622204Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T17:29:19.950Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T02:13:40.376Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "JT2Go", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.2", "vendor": "Siemens", "versions": [ { "lessThan": "V14.2.0.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.3", "vendor": "Siemens", "versions": [ { "lessThan": "V14.3.0.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V2312", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:06.352Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-32636", "datePublished": "2024-05-14T10:02:43.480Z", "dateReserved": "2024-04-16T10:52:15.707Z", "dateUpdated": "2024-08-13T07:54:06.352Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41978
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41978", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:28:57.409070Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:29:07.876Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M804PB", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M812-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M816-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M826-2 SHDSL-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-2", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3 3G-Router (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3 (ROK)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (NAM)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (RoW)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 EEC LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:39.417Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41978", "datePublished": "2024-08-13T07:54:39.417Z", "dateReserved": "2024-07-25T11:00:11.939Z", "dateUpdated": "2024-08-13T13:29:07.876Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31122
Vulnerability from cvelistv5
Published
2023-10-23 06:51
Modified
2024-09-17 13:47
Severity ?
EPSS score ?
Summary
Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/ | ||
https://security.netapp.com/advisory/ntap-20231027-0011/ | ||
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/ | ||
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/ | ||
https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 0 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-31122", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T20:23:50.224711Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:47:23.424Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "David Shoon (github/davidshoon)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.\u003cp\u003eThis issue affects Apache HTTP Server: through 2.4.57.\u003c/p\u003e" } ], "value": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.\n\n" } ], "metrics": [ { "other": { "content": { "text": "low" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-23T06:51:59.705Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2023-04-04T00:00:00.000Z", "value": "Reported to security team" } ], "title": "Apache HTTP Server: mod_macro buffer over-read", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-31122", "datePublished": "2023-10-23T06:51:59.705Z", "dateReserved": "2023-04-24T17:37:59.263Z", "dateUpdated": "2024-09-17T13:47:23.424Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-45802
Vulnerability from cvelistv5
Published
2023-10-23 06:50
Modified
2024-10-14 09:01
Severity ?
EPSS score ?
Summary
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.
This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.
Users are recommended to upgrade to version 2.4.58, which fixes the issue.
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4.17 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:29:32.370Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-45802", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-12T18:03:47.419998Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-12T18:04:36.899Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "2.4.17", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Will Dormann of Vul Labs" }, { "lang": "en", "type": "finder", "value": "David Warren of Vul Labs" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\u003cbr\u003e\u003cbr\u003eThis was found by the reporter during testing of\u0026nbsp;CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\u003cbr\u003e" } ], "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-404", "description": "CWE-404 Improper Resource Shutdown or Release", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-14T09:01:44.836Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2023-10-12T11:47:00.000Z", "value": "reported" } ], "title": "Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-45802", "datePublished": "2023-10-23T06:50:23.991Z", "dateReserved": "2023-10-13T09:44:15.791Z", "dateUpdated": "2024-10-14T09:01:44.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41938
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:18
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
EPSS score ?
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41938", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:17:45.421587Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:18:07.307Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:30.281Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41938", "datePublished": "2024-08-13T07:54:30.281Z", "dateReserved": "2024-07-24T14:36:27.564Z", "dateUpdated": "2024-08-13T13:18:07.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-45648
Vulnerability from cvelistv5
Published
2023-10-10 18:38
Modified
2024-11-12 19:19
Severity ?
EPSS score ?
Summary
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially
crafted, invalid trailer header could cause Tomcat to treat a single
request as multiple requests leading to the possibility of request
smuggling when behind a reverse proxy.
Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
References
▼ | URL | Tags |
---|---|---|
https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp | vendor-advisory | |
http://www.openwall.com/lists/oss-security/2023/10/10/10 | ||
https://www.debian.org/security/2023/dsa-5522 | ||
https://www.debian.org/security/2023/dsa-5521 | ||
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html | ||
https://security.netapp.com/advisory/ntap-20231103-0007/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.0-M11 Version: 10.1.0-M1 ≤ 10.1.13 Version: 9.0.0-M1 ≤ 9.0.81 Version: 8.5.0 ≤ 8.5.93 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:21:16.919Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/10" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231103-0007/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "tomcat", "vendor": "apache", "versions": [ { "lessThanOrEqual": "11.0.0-m11", "status": "affected", "version": "11.0.0-m1", "versionType": "semver" }, { "lessThanOrEqual": "10.1.13", "status": "affected", "version": "10.1.0-m1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.81", "status": "affected", "version": "9.0.0-m1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.93", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-45648", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-18T16:17:04.147109Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-12T19:19:28.733Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "11.0.0-M11", "status": "affected", "version": "11.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "10.1.13", "status": "affected", "version": "10.1.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.81", "status": "affected", "version": "9.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.93", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Keran Mu and Jianjun Chen from Tsinghua University and Zhongguancun Laboratory" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Input Validation vulnerability in Apache Tomcat.\u003cp\u003eTomcat\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93\u003c/span\u003e did not correctly parse HTTP trailer headers. A specially \ncrafted, invalid trailer header could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e" } ], "value": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat\u00a0from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially \ncrafted, invalid trailer header could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\n\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-10T18:38:34.097Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp" }, { "url": "http://www.openwall.com/lists/oss-security/2023/10/10/10" }, { "url": "https://www.debian.org/security/2023/dsa-5522" }, { "url": "https://www.debian.org/security/2023/dsa-5521" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231103-0007/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Apache Tomcat: Trailer header parsing too lenient", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-45648", "datePublished": "2023-10-10T18:38:34.097Z", "dateReserved": "2023-10-10T11:31:15.664Z", "dateUpdated": "2024-11-12T19:19:28.733Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41940
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 14:23
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_nms", "vendor": "siemens", "versions": [ { "lessThan": "3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41940", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T14:21:02.771500Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T14:23:29.960Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges." } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 9.4, "baseSeverity": "CRITICAL", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:32.926Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41940", "datePublished": "2024-08-13T07:54:32.926Z", "dateReserved": "2024-07-24T14:56:58.095Z", "dateUpdated": "2024-08-13T14:23:29.960Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42794
Vulnerability from cvelistv5
Published
2023-10-10 17:17
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
Incomplete Cleanup vulnerability in Apache Tomcat.
The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased,
in progress refactoring that exposed a potential denial of service on
Windows if a web application opened a stream for an uploaded file but
failed to close the stream. The file would never be deleted from disk
creating the possibility of an eventual denial of service due to the
disk being full.
Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 9.0.70 ≤ 9.0.80 Version: 8.5.85 ≤ 8.5.93 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:30:24.246Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "9.0.80", "status": "affected", "version": "9.0.70", "versionType": "semver" }, { "lessThanOrEqual": "8.5.93", "status": "affected", "version": "8.5.85", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mohammad Khedmatgozar (cellbox)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Incomplete Cleanup vulnerability in Apache Tomcat.\u003cbr\u003e\u003cbr\u003eThe internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, \nin progress refactoring that exposed a potential denial of service on \nWindows if a web application opened a stream for an uploaded file but \nfailed to close the stream. The file would never be deleted from disk \ncreating the possibility of an eventual denial of service due to the \ndisk being full.\n\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUsers are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e" } ], "value": "Incomplete Cleanup vulnerability in Apache Tomcat.\n\nThe internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, \nin progress refactoring that exposed a potential denial of service on \nWindows if a web application opened a stream for an uploaded file but \nfailed to close the stream. The file would never be deleted from disk \ncreating the possibility of an eventual denial of service due to the \ndisk being full.\n\nUsers are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "low" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-459", "description": "CWE-459 Incomplete Cleanup", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-10T17:17:01.378Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82" }, { "url": "http://www.openwall.com/lists/oss-security/2023/10/10/8" } ], "source": { "discovery": "EXTERNAL" }, "title": "Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-42794", "datePublished": "2023-10-10T17:17:01.378Z", "dateReserved": "2023-09-14T12:05:53.583Z", "dateUpdated": "2024-08-02T19:30:24.246Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-39922
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-14 17:38
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
5.1 (Medium) - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
5.1 (Medium) - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | LOGO! 12/24RCE |
Version: 0 < * |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-39922", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-14T17:37:52.047490Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-14T17:38:02.012Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "LOGO! 12/24RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 12/24RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 230RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 230RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 24CE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 24CEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 24RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "LOGO! 24RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 12/24RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 12/24RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 230RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 230RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 24CE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 24CEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 24RCE", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS LOGO! 24RCEo", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-256", "description": "CWE-256: Plaintext Storage of a Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:17.388Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-921449.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-39922", "datePublished": "2024-08-13T07:54:17.388Z", "dateReserved": "2024-07-03T07:46:36.220Z", "dateUpdated": "2024-08-14T17:38:02.012Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39615
Vulnerability from cvelistv5
Published
2023-08-29 00:00
Modified
2024-10-02 13:25
Severity ?
EPSS score ?
Summary
Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:18:09.142Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39615", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T13:25:30.978898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T13:25:38.426Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-06T16:22:09.464564", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-39615", "datePublished": "2023-08-29T00:00:00", "dateReserved": "2023-08-07T00:00:00", "dateUpdated": "2024-10-02T13:25:38.426Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-36398
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:26
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_nms", "vendor": "siemens", "versions": [ { "lessThan": "3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-36398", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:05:06.842738Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:26:17.671Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application executes a subset of its services as `NT AUTHORITY\\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:08.979Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-36398", "datePublished": "2024-08-13T07:54:08.979Z", "dateReserved": "2024-05-27T13:41:04.358Z", "dateUpdated": "2024-08-13T13:26:17.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0985
Vulnerability from cvelistv5
Published
2024-02-08 13:00
Modified
2024-12-20 13:06
Severity ?
EPSS score ?
Summary
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | PostgreSQL |
Version: 16 < 16.2 Version: 15 < 15.6 Version: 14 < 14.11 Version: 13 < 13.14 Version: 0 < 12.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-12-20T13:06:41.461Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2024-0985/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://saites.dev/projects/personal/postgres-cve-2024-0985/" }, { "url": "https://security.netapp.com/advisory/ntap-20241220-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "PostgreSQL", "vendor": "n/a", "versions": [ { "lessThan": "16.2", "status": "affected", "version": "16", "versionType": "rpm" }, { "lessThan": "15.6", "status": "affected", "version": "15", "versionType": "rpm" }, { "lessThan": "14.11", "status": "affected", "version": "14", "versionType": "rpm" }, { "lessThan": "13.14", "status": "affected", "version": "13", "versionType": "rpm" }, { "lessThan": "12.18", "status": "affected", "version": "0", "versionType": "rpm" } ] } ], "configurations": [ { "lang": "en", "value": "attacker has permission to create non-temporary objects in at least one schema" } ], "credits": [ { "lang": "en", "value": "The PostgreSQL project thanks Pedro Gallegos for reporting this problem." } ], "descriptions": [ { "lang": "en", "value": "Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker\u0027s roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker\u0027s materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-271", "description": "Privilege Dropping / Lowering Errors", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-19T23:33:54.806Z", "orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL" }, "references": [ { "url": "https://www.postgresql.org/support/security/CVE-2024-0985/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00017.html" }, { "url": "https://saites.dev/projects/personal/postgres-cve-2024-0985/" } ], "title": "PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL", "workarounds": [ { "lang": "en", "value": "Use REFRESH MATERIALIZED VIEW without CONCURRENTLY." }, { "lang": "en", "value": "In a new database connection, authenticate as the materialized view owner." } ] } }, "cveMetadata": { "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "assignerShortName": "PostgreSQL", "cveId": "CVE-2024-0985", "datePublished": "2024-02-08T13:00:02.411Z", "dateReserved": "2024-01-27T20:47:02.113Z", "dateUpdated": "2024-12-20T13:06:41.461Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41941
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:18
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41941", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:06:14.340763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:18:22.820Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:34.225Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41941", "datePublished": "2024-08-13T07:54:34.225Z", "dateReserved": "2024-07-24T15:11:47.851Z", "dateUpdated": "2024-08-13T13:18:22.820Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5870
Vulnerability from cvelistv5
Published
2023-12-10 17:58
Modified
2024-12-02 17:04
Severity ?
EPSS score ?
Summary
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7545 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7579 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7580 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7581 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7616 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7656 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7666 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7667 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7694 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7695 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7714 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7770 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7772 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7784 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7785 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7883 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7884 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7885 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0304 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0332 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0337 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-5870 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2247170 | issue-tracking, x_refsource_REDHAT | |
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ | ||
https://www.postgresql.org/support/security/CVE-2023-5870/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Advanced Cluster Security 4.2 |
Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.816Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5870" }, { "name": "RHBZ#2247170", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240119-0003/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-5870/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5870", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2023-12-19T19:42:25.492582Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-02T17:04:19.568Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113712.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231128173330.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113548.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231114115246.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128165328.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231114105206.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231128165335.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231113134015.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9030020231120082734.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream", "cpe:/a:redhat:rhel_eus:9.0::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020231115020618.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql12-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:12.17-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql13-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "postgresql:10/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "affected", "packageName": "rh-postgresql10-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters." } ], "datePublic": "2023-11-09T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:11:36.533Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5870" }, { "name": "RHBZ#2247170", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170" }, { "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-5870/" } ], "timeline": [ { "lang": "en", "time": "2023-10-31T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-11-09T00:00:00+00:00", "value": "Made public." } ], "title": "Postgresql: role pg_signal_backend can signal certain superuser processes.", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5870", "datePublished": "2023-12-10T17:58:30.213Z", "dateReserved": "2023-10-31T03:56:58.366Z", "dateUpdated": "2024-12-02T17:04:19.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41977
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 16:01
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:6.2:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_rcm1224_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "6.2", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41977", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T15:59:08.645171Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T16:01:41.802Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M804PB", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M812-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M816-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M826-2 SHDSL-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-2", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3 3G-Router (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3 (ROK)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (NAM)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (RoW)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 EEC LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-488", "description": "CWE-488: Exposure of Data Element to Wrong Session", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:37.591Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41977", "datePublished": "2024-08-13T07:54:37.591Z", "dateReserved": "2024-07-25T11:00:11.939Z", "dateUpdated": "2024-08-13T16:01:41.802Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25062
Vulnerability from cvelistv5
Published
2024-02-04 00:00
Modified
2024-08-01 23:36
Severity ?
EPSS score ?
Summary
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:36:21.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-04T16:04:53.794792", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-25062", "datePublished": "2024-02-04T00:00:00", "dateReserved": "2024-02-04T00:00:00", "dateUpdated": "2024-08-01T23:36:21.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41976
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-14 18:17
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_rm1224_lte\\(4g\\)_eu", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_rm1224_lte\\(4g\\)_nam", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m804pb:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m804pb", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m812-1_adsl-router:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m812-1_adsl-router", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m816-1_adsl-router:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m816-1_adsl-router", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m826-2_shdsl-router", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m874-2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m874-2", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m874-3:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m874-3", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m874-3_3g-router_\\(cn\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m876-3:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m876-3", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m876-3_\\(rok\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m876-4:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m876-4", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m876-4_\\(eu\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_m876-4_\\(nam\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum853-1_\\(a1\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum853-1_\\(b1\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum853-1_\\(eu\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum856-1_\\(a1\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum856-1_\\(b1\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum856-1_\\(cn\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum856-1_\\(eu\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_mum856-1_\\(row\\)", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_s615_eec_lan-router:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_s615_eec_lan-router", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:scalance_s615_lan-router:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "scalance_s615_lan-router", "vendor": "siemens", "versions": [ { "lessThan": "v8.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41976", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-14T17:50:04.994530Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-14T18:17:16.011Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) EU", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RM1224 LTE(4G) NAM", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M804PB", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M812-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M816-1 ADSL-Router family", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M826-2 SHDSL-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-2", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M874-3 3G-Router (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-3 (ROK)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M876-4 (NAM)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM853-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (A1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (B1)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (CN)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (EU)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE MUM856-1 (RoW)", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 EEC LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE S615 LAN-Router", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:35.837Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41976", "datePublished": "2024-08-13T07:54:35.837Z", "dateReserved": "2024-07-25T11:00:11.939Z", "dateUpdated": "2024-08-14T18:17:16.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41907
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 17:52
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
2.1 (Low) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2.1 (Low) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | SINEC Traffic Analyzer |
Version: 0 < V2.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41907", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T17:50:47.405333Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T17:52:23.314Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC Traffic Analyzer", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 2.1, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-358", "description": "CWE-358: Improperly Implemented Security Check for Standard", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:27.688Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41907", "datePublished": "2024-08-13T07:54:27.688Z", "dateReserved": "2024-07-23T10:56:51.268Z", "dateUpdated": "2024-08-13T17:52:23.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41681
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:50
Severity ?
6.7 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C
6.0 (Medium) - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
6.0 (Medium) - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | Location Intelligence family |
Version: 0 < V4.4 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41681", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:50:48.891229Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:50:59.341Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Location Intelligence family", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Location Intelligence family (All versions \u003c V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-326", "description": "CWE-326: Inadequate Encryption Strength", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:18.686Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41681", "datePublished": "2024-08-13T07:54:18.686Z", "dateReserved": "2024-07-19T07:26:24.367Z", "dateUpdated": "2024-08-13T13:50:59.341Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-32635
Vulnerability from cvelistv5
Published
2024-05-14 10:02
Modified
2024-08-13 07:54
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the unmapped memory region while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | JT2Go |
Version: 0 < V2312.0005 |
||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:parasolid:35.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "35.1.256", "status": "affected", "version": "35.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:siemens:parasolid:36.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "36.0.208", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:siemens:parasolid:36.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "parasolid", "vendor": "siemens", "versions": [ { "lessThan": "36.1.173", "status": "affected", "version": "36.1", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-32635", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-14T13:37:49.970409Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T17:27:51.096Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T02:13:40.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "JT2Go", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.2", "vendor": "Siemens", "versions": [ { "lessThan": "V14.2.0.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V14.3", "vendor": "Siemens", "versions": [ { "lessThan": "V14.3.0.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Teamcenter Visualization V2312", "vendor": "Siemens", "versions": [ { "lessThan": "V2312.0005", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain an out of bounds read past the unmapped memory region while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:05.071Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-32635", "datePublished": "2024-05-14T10:02:42.291Z", "dateReserved": "2024-04-16T10:52:15.707Z", "dateUpdated": "2024-08-13T07:54:05.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5869
Vulnerability from cvelistv5
Published
2023-12-10 17:56
Modified
2024-11-15 15:11
Severity ?
EPSS score ?
Summary
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7545 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7579 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7580 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7581 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7616 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7656 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7666 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7667 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7694 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7695 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7714 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7770 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7771 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7772 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7778 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7783 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7784 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7785 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7786 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7788 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7789 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7790 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7878 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7883 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7884 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7885 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0304 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0332 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0337 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-5869 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2247169 | issue-tracking, x_refsource_REDHAT | |
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ | ||
https://www.postgresql.org/support/security/CVE-2023-5869/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Advanced Cluster Security 4.2 |
Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7771", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7771" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7778", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7778" }, { "name": "RHSA-2023:7783", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7783" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7786", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7786" }, { "name": "RHSA-2023:7788", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7788" }, { "name": "RHSA-2023:7789", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7789" }, { "name": "RHSA-2023:7790", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7790" }, { "name": "RHSA-2023:7878", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7878" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5869" }, { "name": "RHBZ#2247169", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240119-0003/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-5869/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::client", "cpe:/o:redhat:enterprise_linux:7::server", "cpe:/o:redhat:enterprise_linux:7::computenode", "cpe:/o:redhat:enterprise_linux:7::workstation" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:9.2.24-9.el7_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113712.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231128173330.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231201202407.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113548.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.1::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8010020231130170510.c27ad7f8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231201202149.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231201202149.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231201202149.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127142440.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127142440.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127142440.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231114115246.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128165328.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231201202249.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231114105206.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231128165335.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:10", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231201202316.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231113134015.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9030020231120082734.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream", "cpe:/a:redhat:rhel_eus:9.0::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020231115020618.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql12-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:12.17-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql10-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:10.23-2.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql13-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "postgresql:16/postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges Pedro Gallegos as the original reporter." } ], "datePublic": "2023-11-09T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:11:34.563Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7771", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7771" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7778", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7778" }, { "name": "RHSA-2023:7783", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7783" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7786", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7786" }, { "name": "RHSA-2023:7788", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7788" }, { "name": "RHSA-2023:7789", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7789" }, { "name": "RHSA-2023:7790", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7790" }, { "name": "RHSA-2023:7878", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7878" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5869" }, { "name": "RHBZ#2247169", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169" }, { "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-5869/" } ], "timeline": [ { "lang": "en", "time": "2023-10-31T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-11-09T00:00:00+00:00", "value": "Made public." } ], "title": "Postgresql: buffer overrun from integer overflow in array modification", "workarounds": [ { "lang": "en", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible." } ], "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5869", "datePublished": "2023-12-10T17:56:57.131Z", "dateReserved": "2023-10-31T03:56:42.638Z", "dateUpdated": "2024-11-15T15:11:34.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-44487
Vulnerability from cvelistv5
Published
2023-10-10 00:00
Modified
2024-08-19 07:48
Severity ?
EPSS score ?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 | ||
https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ | ||
https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ | ||
https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack | ||
https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ | ||
https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ | ||
https://news.ycombinator.com/item?id=37831062 | ||
https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ | ||
https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack | ||
https://github.com/envoyproxy/envoy/pull/30055 | ||
https://github.com/haproxy/haproxy/issues/2312 | ||
https://github.com/eclipse/jetty.project/issues/10679 | ||
https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 | ||
https://github.com/nghttp2/nghttp2/pull/1961 | ||
https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 | ||
https://github.com/alibaba/tengine/issues/1872 | ||
https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 | ||
https://news.ycombinator.com/item?id=37830987 | ||
https://news.ycombinator.com/item?id=37830998 | ||
https://github.com/caddyserver/caddy/issues/5877 | ||
https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ | ||
https://github.com/bcdannyboy/CVE-2023-44487 | ||
https://github.com/grpc/grpc-go/pull/6703 | ||
https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 | ||
https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 | ||
https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html | ||
https://my.f5.com/manage/s/article/K000137106 | ||
https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ | ||
https://bugzilla.proxmox.com/show_bug.cgi?id=4988 | ||
https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 | ||
https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected | ||
https://github.com/microsoft/CBL-Mariner/pull/6381 | ||
https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo | ||
https://github.com/facebook/proxygen/pull/466 | ||
https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 | ||
https://github.com/micrictor/http2-rst-stream | ||
https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve | ||
https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ | ||
https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf | ||
https://github.com/h2o/h2o/pull/3291 | ||
https://github.com/nodejs/node/pull/50121 | ||
https://github.com/dotnet/announcements/issues/277 | ||
https://github.com/golang/go/issues/63417 | ||
https://github.com/advisories/GHSA-vx74-f528-fxqg | ||
https://github.com/apache/trafficserver/pull/10564 | ||
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 | ||
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 | ||
https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q | ||
https://www.openwall.com/lists/oss-security/2023/10/10/6 | ||
https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 | ||
https://github.com/opensearch-project/data-prepper/issues/3474 | ||
https://github.com/kubernetes/kubernetes/pull/121120 | ||
https://github.com/oqtane/oqtane.framework/discussions/3367 | ||
https://github.com/advisories/GHSA-xpw8-rcwv-8f8p | ||
https://netty.io/news/2023/10/10/4-1-100-Final.html | ||
https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 | ||
https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/ | ||
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack | ||
https://news.ycombinator.com/item?id=37837043 | ||
https://github.com/kazu-yamamoto/http2/issues/93 | ||
https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html | ||
https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 | ||
https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 | ||
https://www.debian.org/security/2023/dsa-5522 | vendor-advisory | |
https://www.debian.org/security/2023/dsa-5521 | vendor-advisory | |
https://access.redhat.com/security/cve/cve-2023-44487 | ||
https://github.com/ninenines/cowboy/issues/1615 | ||
https://github.com/varnishcache/varnish-cache/issues/3996 | ||
https://github.com/tempesta-tech/tempesta/issues/1986 | ||
https://blog.vespa.ai/cve-2023-44487/ | ||
https://github.com/etcd-io/etcd/issues/16740 | ||
https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event | ||
https://istio.io/latest/news/security/istio-security-2023-004/ | ||
https://github.com/junkurihara/rust-rpxy/issues/97 | ||
https://bugzilla.suse.com/show_bug.cgi?id=1216123 | ||
https://bugzilla.redhat.com/show_bug.cgi?id=2242803 | ||
https://ubuntu.com/security/CVE-2023-44487 | ||
https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 | ||
https://github.com/advisories/GHSA-qppj-fm5r-hxr3 | ||
https://github.com/apache/httpd-site/pull/10 | ||
https://github.com/projectcontour/contour/pull/5826 | ||
https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 | ||
https://github.com/line/armeria/pull/5232 | ||
https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ | ||
https://security.paloaltonetworks.com/CVE-2023-44487 | ||
https://github.com/akka/akka-http/issues/4323 | ||
https://github.com/openresty/openresty/issues/930 | ||
https://github.com/apache/apisix/issues/10320 | ||
https://github.com/Azure/AKS/issues/3947 | ||
https://github.com/Kong/kong/discussions/11741 | ||
https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 | ||
https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ | ||
https://github.com/caddyserver/caddy/releases/tag/v2.7.5 | ||
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html | mailing-list | |
http://www.openwall.com/lists/oss-security/2023/10/13/4 | mailing-list | |
http://www.openwall.com/lists/oss-security/2023/10/13/9 | mailing-list | |
https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ | ||
https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ | vendor-advisory | |
https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ | ||
https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html | mailing-list | |
https://security.netapp.com/advisory/ntap-20231016-0001/ | ||
https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html | mailing-list | |
http://www.openwall.com/lists/oss-security/2023/10/18/4 | mailing-list | |
http://www.openwall.com/lists/oss-security/2023/10/18/8 | mailing-list | |
http://www.openwall.com/lists/oss-security/2023/10/19/6 | mailing-list | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ | vendor-advisory | |
http://www.openwall.com/lists/oss-security/2023/10/20/8 | mailing-list | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html | mailing-list | |
https://www.debian.org/security/2023/dsa-5540 | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html | mailing-list | |
https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html | mailing-list | |
https://www.debian.org/security/2023/dsa-5549 | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ | vendor-advisory | |
https://www.debian.org/security/2023/dsa-5558 | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html | mailing-list | |
https://security.gentoo.org/glsa/202311-09 | vendor-advisory | |
https://www.debian.org/security/2023/dsa-5570 | vendor-advisory | |
https://security.netapp.com/advisory/ntap-20240426-0007/ | ||
https://security.netapp.com/advisory/ntap-20240621-0006/ | ||
https://security.netapp.com/advisory/ntap-20240621-0007/ |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "http", "vendor": "ietf", "versions": [ { "status": "affected", "version": "2.0" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-44487", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T20:34:21.334116Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-10-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-44487" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-23T20:35:03.253Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-19T07:48:04.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "tags": [ "x_transferred" ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "tags": [ "x_transferred" ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "tags": [ "x_transferred" ], "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "tags": [ "x_transferred" ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "tags": [ "x_transferred" ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=37831062" }, { "tags": [ "x_transferred" ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "tags": [ "x_transferred" ], "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "tags": [ "x_transferred" ], "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "tags": [ "x_transferred" ], "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "tags": [ "x_transferred" ], "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "tags": [ "x_transferred" ], "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "tags": [ "x_transferred" ], "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "tags": [ "x_transferred" ], "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "tags": [ "x_transferred" ], "url": "https://github.com/alibaba/tengine/issues/1872" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=37830987" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=37830998" }, { "tags": [ "x_transferred" ], "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "tags": [ "x_transferred" ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "tags": [ "x_transferred" ], "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "tags": [ "x_transferred" ], "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "tags": [ "x_transferred" ], "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "tags": [ "x_transferred" ], "url": "https://my.f5.com/manage/s/article/K000137106" }, { "tags": [ "x_transferred" ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "tags": [ "x_transferred" ], "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "tags": [ "x_transferred" ], "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "tags": [ "x_transferred" ], "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "tags": [ "x_transferred" ], "url": "https://github.com/facebook/proxygen/pull/466" }, { "tags": [ "x_transferred" ], "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "tags": [ "x_transferred" ], "url": "https://github.com/micrictor/http2-rst-stream" }, { "tags": [ "x_transferred" ], "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "tags": [ "x_transferred" ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/h2o/h2o/pull/3291" }, { "tags": [ "x_transferred" ], "url": "https://github.com/nodejs/node/pull/50121" }, { "tags": [ "x_transferred" ], "url": "https://github.com/dotnet/announcements/issues/277" }, { "tags": [ "x_transferred" ], "url": "https://github.com/golang/go/issues/63417" }, { "tags": [ "x_transferred" ], "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/trafficserver/pull/10564" }, { "tags": [ "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "tags": [ "x_transferred" ], "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "tags": [ "x_transferred" ], "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "tags": [ "x_transferred" ], "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "tags": [ "x_transferred" ], "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "tags": [ "x_transferred" ], "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "tags": [ "x_transferred" ], "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "tags": [ "x_transferred" ], "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "tags": [ "x_transferred" ], "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=37837043" }, { "tags": [ "x_transferred" ], "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "tags": [ "x_transferred" ], "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "name": "DSA-5522", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "name": "DSA-5521", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "tags": [ "x_transferred" ], "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "tags": [ "x_transferred" ], "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "tags": [ "x_transferred" ], "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "tags": [ "x_transferred" ], "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "tags": [ "x_transferred" ], "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "tags": [ "x_transferred" ], "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "tags": [ "x_transferred" ], "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/httpd-site/pull/10" }, { "tags": [ "x_transferred" ], "url": "https://github.com/projectcontour/contour/pull/5826" }, { "tags": [ "x_transferred" ], "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "tags": [ "x_transferred" ], "url": "https://github.com/line/armeria/pull/5232" }, { "tags": [ "x_transferred" ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "tags": [ "x_transferred" ], "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://github.com/akka/akka-http/issues/4323" }, { "tags": [ "x_transferred" ], "url": "https://github.com/openresty/openresty/issues/930" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/apisix/issues/10320" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Azure/AKS/issues/3947" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Kong/kong/discussions/11741" }, { "tags": [ "x_transferred" ], "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "tags": [ "x_transferred" ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "tags": [ "x_transferred" ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "tags": [ "x_transferred" ], "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "name": "FEDORA-2023-ed2642fd58", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "tags": [ "x_transferred" ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "name": "[oss-security] 20231018 Vulnerability in Jenkins", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "name": "FEDORA-2023-54fadada12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "name": "FEDORA-2023-5ff7bf1dd8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "name": "FEDORA-2023-17efd3f2cd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "name": "FEDORA-2023-d5030c983c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "name": "FEDORA-2023-0259c3f26f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "name": "FEDORA-2023-2a9214af5f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "name": "FEDORA-2023-e9c04d81c1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "name": "FEDORA-2023-f66fc0f62a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "name": "FEDORA-2023-4d2fd884ea", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "name": "FEDORA-2023-b2c50535cb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "name": "FEDORA-2023-fe53e13b5b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "name": "FEDORA-2023-4bf641255e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "name": "DSA-5540", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5540" }, { "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "name": "FEDORA-2023-1caffb88af", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "name": "FEDORA-2023-3f70b8d406", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "name": "FEDORA-2023-7b52921cae", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "name": "FEDORA-2023-7934802344", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "name": "FEDORA-2023-dbe64661af", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "name": "FEDORA-2023-822aab0a5a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "name": "DSA-5549", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5549" }, { "name": "FEDORA-2023-c0c6a91330", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "name": "FEDORA-2023-492b7be466", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "name": "DSA-5558", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5558" }, { "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "name": "GLSA-202311-09", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "name": "DSA-5570", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5570" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" }, { "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:08:34.967324", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "url": "https://news.ycombinator.com/item?id=37831062" }, { "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "url": "https://github.com/alibaba/tengine/issues/1872" }, { "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "url": "https://news.ycombinator.com/item?id=37830987" }, { "url": "https://news.ycombinator.com/item?id=37830998" }, { "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "url": "https://my.f5.com/manage/s/article/K000137106" }, { "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "url": "https://github.com/facebook/proxygen/pull/466" }, { "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "url": "https://github.com/micrictor/http2-rst-stream" }, { "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "url": "https://github.com/h2o/h2o/pull/3291" }, { "url": "https://github.com/nodejs/node/pull/50121" }, { "url": "https://github.com/dotnet/announcements/issues/277" }, { "url": "https://github.com/golang/go/issues/63417" }, { "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "url": "https://github.com/apache/trafficserver/pull/10564" }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "url": "https://news.ycombinator.com/item?id=37837043" }, { "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "name": "DSA-5522", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "name": "DSA-5521", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "url": "https://github.com/apache/httpd-site/pull/10" }, { "url": "https://github.com/projectcontour/contour/pull/5826" }, { "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "url": "https://github.com/line/armeria/pull/5232" }, { "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "url": "https://github.com/akka/akka-http/issues/4323" }, { "url": "https://github.com/openresty/openresty/issues/930" }, { "url": "https://github.com/apache/apisix/issues/10320" }, { "url": "https://github.com/Azure/AKS/issues/3947" }, { "url": "https://github.com/Kong/kong/discussions/11741" }, { "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "name": "FEDORA-2023-ed2642fd58", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "name": "[oss-security] 20231018 Vulnerability in Jenkins", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "name": "FEDORA-2023-54fadada12", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "name": "FEDORA-2023-5ff7bf1dd8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "name": "FEDORA-2023-17efd3f2cd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "name": "FEDORA-2023-d5030c983c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "name": "FEDORA-2023-0259c3f26f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "name": "FEDORA-2023-2a9214af5f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "name": "FEDORA-2023-e9c04d81c1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "name": "FEDORA-2023-f66fc0f62a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "name": "FEDORA-2023-4d2fd884ea", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "name": "FEDORA-2023-b2c50535cb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "name": "FEDORA-2023-fe53e13b5b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "name": "FEDORA-2023-4bf641255e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "name": "DSA-5540", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5540" }, { "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "name": "FEDORA-2023-1caffb88af", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "name": "FEDORA-2023-3f70b8d406", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "name": "FEDORA-2023-7b52921cae", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "name": "FEDORA-2023-7934802344", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "name": "FEDORA-2023-dbe64661af", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "name": "FEDORA-2023-822aab0a5a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "name": "DSA-5549", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5549" }, { "name": "FEDORA-2023-c0c6a91330", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "name": "FEDORA-2023-492b7be466", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "name": "DSA-5558", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5558" }, { "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "name": "GLSA-202311-09", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "name": "DSA-5570", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5570" }, { "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-44487", "datePublished": "2023-10-10T00:00:00", "dateReserved": "2023-09-29T00:00:00", "dateUpdated": "2024-08-19T07:48:04.546Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42795
Vulnerability from cvelistv5
Published
2023-10-10 17:42
Modified
2024-09-18 16:26
Severity ?
EPSS score ?
Summary
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could
cause Tomcat to skip some parts of the recycling process leading to
information leaking from the current request/response to the next.
Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
References
▼ | URL | Tags |
---|---|---|
https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw | vendor-advisory | |
http://www.openwall.com/lists/oss-security/2023/10/10/9 | ||
https://www.debian.org/security/2023/dsa-5522 | ||
https://www.debian.org/security/2023/dsa-5521 | ||
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html | ||
https://security.netapp.com/advisory/ntap-20231103-0007/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.0-M11 Version: 10.1.0-M1 ≤ 10.1.13 Version: 9.0.0-M1 ≤ 9.0.80 Version: 8.5.0 ≤ 8.5.93 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:30:24.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/9" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231103-0007/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:accumulo:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "accumulo", "vendor": "apache", "versions": [ { "status": "affected", "version": "11.0.0-m1" }, { "lessThanOrEqual": "10.1.13", "status": "affected", "version": "10.10-m1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.80", "status": "affected", "version": "9.0.0-m1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.93", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-42795", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-18T16:23:53.651535Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-18T16:26:54.828Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "11.0.0-M11", "status": "affected", "version": "11.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "10.1.13", "status": "affected", "version": "10.1.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.80", "status": "affected", "version": "9.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.93", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Incomplete Cleanup vulnerability in Apache Tomcat.\u003cp\u003eWhen recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could \ncause Tomcat to skip some parts of the recycling process leading to \ninformation leaking from the current request/response to the next.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.\u003c/p\u003e" } ], "value": "Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could \ncause Tomcat to skip some parts of the recycling process leading to \ninformation leaking from the current request/response to the next.\n\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-459", "description": "CWE-459 Incomplete Cleanup", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-10T17:42:16.705Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw" }, { "url": "http://www.openwall.com/lists/oss-security/2023/10/10/9" }, { "url": "https://www.debian.org/security/2023/dsa-5522" }, { "url": "https://www.debian.org/security/2023/dsa-5521" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231103-0007/" } ], "source": { "discovery": "INTERNAL" }, "title": "Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-42795", "datePublished": "2023-10-10T17:42:16.705Z", "dateReserved": "2023-09-14T12:11:26.550Z", "dateUpdated": "2024-09-18T16:26:54.828Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28182
Vulnerability from cvelistv5
Published
2024-04-04 14:41
Modified
2024-09-27 16:02
Severity ?
EPSS score ?
Summary
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q | x_refsource_CONFIRM | |
https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0 | x_refsource_MISC | |
https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGOME6ZXJG7664IPQNVE3DL67E3YP3HY/ | ||
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J6ZMXUGB66VAXDW5J6QSTHM5ET25FGSA/ | ||
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXJO2EASHM2OQQLGVDY5ZSO7UVDVHTDK/ | ||
https://lists.debian.org/debian-lts-announce/2024/04/msg00026.html | ||
http://www.openwall.com/lists/oss-security/2024/04/03/16 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nghttp2", "vendor": "nghttp2", "versions": [ { "lessThan": "1.61.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-28182", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-04T17:15:08.320689Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-15T15:54:31.848Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-09-27T16:02:59.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q" }, { "name": "https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0" }, { "name": "https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGOME6ZXJG7664IPQNVE3DL67E3YP3HY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J6ZMXUGB66VAXDW5J6QSTHM5ET25FGSA/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXJO2EASHM2OQQLGVDY5ZSO7UVDVHTDK/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00026.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00041.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nghttp2", "vendor": "nghttp2", "versions": [ { "status": "affected", "version": "\u003c 1.61.0" } ] } ], "descriptions": [ { "lang": "en", "value": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-04T14:41:36.587Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q" }, { "name": "https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0" }, { "name": "https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGOME6ZXJG7664IPQNVE3DL67E3YP3HY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J6ZMXUGB66VAXDW5J6QSTHM5ET25FGSA/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXJO2EASHM2OQQLGVDY5ZSO7UVDVHTDK/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00026.html" }, { "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16" } ], "source": { "advisory": "GHSA-x6x3-gv8h-m57q", "discovery": "UNKNOWN" }, "title": "Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-28182", "datePublished": "2024-04-04T14:41:36.587Z", "dateReserved": "2024-03-06T17:35:00.857Z", "dateUpdated": "2024-09-27T16:02:59.311Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28757
Vulnerability from cvelistv5
Published
2024-03-10 00:00
Modified
2024-08-02 00:56
Severity ?
EPSS score ?
Summary
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
References
▼ | URL | Tags |
---|---|---|
https://github.com/libexpat/libexpat/pull/842 | ||
https://github.com/libexpat/libexpat/issues/839 | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ | vendor-advisory | |
https://security.netapp.com/advisory/ntap-20240322-0001/ | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ | vendor-advisory | |
http://www.openwall.com/lists/oss-security/2024/03/15/1 | mailing-list |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28757", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-11T13:15:18.395170Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:07.516Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:56:58.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/842" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/issues/839" }, { "name": "FEDORA-2024-4e6e660fae", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/" }, { "name": "FEDORA-2024-40b98c9ced", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240322-0001/" }, { "name": "FEDORA-2024-afb73e6f62", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/" }, { "name": "[oss-security] 20240315 Expat 2.6.2 released, includes security fixes", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/15/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-01T19:07:21.211670", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/842" }, { "url": "https://github.com/libexpat/libexpat/issues/839" }, { "name": "FEDORA-2024-4e6e660fae", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/" }, { "name": "FEDORA-2024-40b98c9ced", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/" }, { "url": "https://security.netapp.com/advisory/ntap-20240322-0001/" }, { "name": "FEDORA-2024-afb73e6f62", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/" }, { "name": "[oss-security] 20240315 Expat 2.6.2 released, includes security fixes", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/15/1" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-28757", "datePublished": "2024-03-10T00:00:00", "dateReserved": "2024-03-10T00:00:00", "dateUpdated": "2024-08-02T00:56:58.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-46120
Vulnerability from cvelistv5
Published
2023-10-24 23:05
Modified
2024-09-11 13:20
Severity ?
EPSS score ?
Summary
The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.
References
▼ | URL | Tags |
---|---|---|
https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h | x_refsource_CONFIRM | |
https://github.com/rabbitmq/rabbitmq-java-client/issues/1062 | x_refsource_MISC | |
https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8 | x_refsource_MISC | |
https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | rabbitmq | rabbitmq-java-client |
Version: < 5.18.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:39.470Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/issues/1062", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/issues/1062" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:rabbitmq:rabbitmq-java-client:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "rabbitmq-java-client", "vendor": "rabbitmq", "versions": [ { "lessThan": "5.18.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-46120", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T13:10:31.256070Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T13:20:34.629Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "rabbitmq-java-client", "vendor": "rabbitmq", "versions": [ { "status": "affected", "version": "\u003c 5.18.0" } ] } ], "descriptions": [ { "lang": "en", "value": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-24T23:05:24.172Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/issues/1062", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/issues/1062" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8" }, { "name": "https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0" } ], "source": { "advisory": "GHSA-mm8h-8587-p46h", "discovery": "UNKNOWN" }, "title": "RabbitMQ Java client\u0027s lack of message size limitation leads to remote DoS attack" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-46120", "datePublished": "2023-10-24T23:05:24.172Z", "dateReserved": "2023-10-16T17:51:35.571Z", "dateUpdated": "2024-09-11T13:20:34.629Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5180
Vulnerability from cvelistv5
Published
2023-12-26 08:35
Modified
2024-08-02 07:52
Severity ?
EPSS score ?
Summary
An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
References
▼ | URL | Tags |
---|---|---|
https://www.opendesign.com/security-advisories | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Open Design Alliance | ODA Drawings SDK - All Versions < 2024.12 |
Version: 0 < 2024.12 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:07.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.opendesign.com/security-advisories" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ODA Drawings SDK - All Versions \u003c 2024.12", "vendor": "Open Design Alliance", "versions": [ { "lessThan": "2024.12", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Seyit S\u0131\u011f\u0131rc\u0131" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An issue was discovered in Open Design Alliance\nDrawings SDK before 2024.12. A corrupted value of number\nof sectors used by the Fat structure in a crafted DGN file leads to an\nout-of-bounds write. An attacker can leverage this vulnerability to execute\ncode in the context of the current process." } ], "value": "An issue was discovered in Open Design Alliance\nDrawings SDK before 2024.12. A corrupted value of number\nof sectors used by the Fat structure in a crafted DGN file leads to an\nout-of-bounds write. An attacker can leverage this vulnerability to execute\ncode in the context of the current process." } ], "impacts": [ { "capecId": "CAPEC-123", "descriptions": [ { "lang": "en", "value": "CAPEC-123 Buffer Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "To exploit vulnerability, malicious DGN file should be read by ODA Drawings SDK." } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-26T08:35:40.093Z", "orgId": "8a9629cb-c5e7-4d2a-a894-111e8039b7ea", "shortName": "ODA" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.opendesign.com/security-advisories" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "8a9629cb-c5e7-4d2a-a894-111e8039b7ea", "assignerShortName": "ODA", "cveId": "CVE-2023-5180", "datePublished": "2023-12-26T08:35:37.619Z", "dateReserved": "2023-09-25T17:08:17.255Z", "dateUpdated": "2024-08-02T07:52:07.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41905
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:25
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
7.6 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
7.6 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Siemens | SINEC Traffic Analyzer |
Version: 0 < V2.0 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:siemens:sinec_traffic_analyzer:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinec_traffic_analyzer", "vendor": "siemens", "versions": [ { "lessThan": "2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41905", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:05:49.682793Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:25:25.882Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SINEC Traffic Analyzer", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions \u003c V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege\u0027s to get access to sensitive information." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.6, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:25.056Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41905", "datePublished": "2024-08-13T07:54:25.056Z", "dateReserved": "2024-07-23T10:56:51.268Z", "dateUpdated": "2024-08-13T13:25:25.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-41908
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:49
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in NX (All versions < V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:siemens:nx_1957_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:nx_1961_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:nx_1965_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:nx_1969_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:nx_1984_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:nx_1988_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nx_1988_firmware", "vendor": "siemens", "versions": [ { "lessThan": "2406.3000", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-41908", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-13T13:29:47.094197Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-13T13:49:49.818Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "NX", "vendor": "Siemens", "versions": [ { "lessThan": "V2406.3000", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in NX (All versions \u003c V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-13T07:54:28.985Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-357412.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41908", "datePublished": "2024-08-13T07:54:28.985Z", "dateReserved": "2024-07-23T12:40:56.886Z", "dateUpdated": "2024-08-13T13:49:49.818Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6378
Vulnerability from cvelistv5
Published
2023-11-29 12:02
Modified
2024-11-29 12:04
Severity ?
EPSS score ?
Summary
A serialization vulnerability in logback receiver component part of
logback version 1.4.11 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | QOS.CH Sarl | logback | |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-29T12:04:40.421Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://logback.qos.ch/news.html#1.3.12" }, { "url": "https://security.netapp.com/advisory/ntap-20241129-0012/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-6378", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-11T17:51:31.895829Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-11T17:55:50.633Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "logback receiver" ], "platforms": [ "Windows", "Linux", "MacOS" ], "product": "logback", "repo": "https://github.com/qos-ch/logback", "vendor": "QOS.CH Sarl", "versions": [ { "status": "unaffected", "version": "1.4.12" }, { "status": "unaffected", "version": "1.3.12" }, { "status": "unaffected", "version": "1.2.13" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\u003cpre\u003eThe attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\u003c/pre\u003e\n\n\u003cbr\u003e" } ], "value": "The attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\n\n\n\n\n" } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Yakov Shafranovich, Amazon Web Services" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\nA serialization vulnerability in logback receiver component part of \nlogback version 1.4.11 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "value": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.11 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "Excessive CPU or memory usage on the host where a logback receiver component is deployed" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial-of-service using poisoned data", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-05T08:57:52.168Z", "orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch" }, "references": [ { "url": "https://logback.qos.ch/news.html#1.3.12" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.12 or later will remedy the vulnerability.\u003cbr\u003e" } ], "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.12 or later will remedy the vulnerability.\n" } ], "source": { "discovery": "EXTERNAL" }, "title": "Logback \"receiver\" DOS vulnerability ", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Only environments where logback receiver is deployed are vulnerable. \u003cbr\u003e" } ], "value": "Only environments where logback receiver is deployed are vulnerable. \n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "assignerShortName": "NCSC.ch", "cveId": "CVE-2023-6378", "datePublished": "2023-11-29T12:02:37.496Z", "dateReserved": "2023-11-29T10:18:07.523Z", "dateUpdated": "2024-11-29T12:04:40.421Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.