cvelistv5 - cve-2024-38492

CVE-2024-38492 (GCVE-0-2024-38492)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:54 – Updated: 2024-08-02 04:12

Summary

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

Severity ?

9.4 (Critical)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "lessThanOrEqual": "4.1.7",
                "status": "affected",
                "version": "4.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "status": "affected",
                "version": "3.4.6.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38492",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T15:07:11.231782Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-16T13:18:28.244Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:12:24.735Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
            }
          ],
          "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:54:38.819Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-38492",
    "datePublished": "2024-07-15T13:54:38.819Z",
    "dateReserved": "2024-06-18T06:18:01.975Z",
    "dateUpdated": "2024-08-02T04:12:24.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\"}, {\"lang\": \"es\", \"value\": \"Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecuci\\u00f3n remota de comandos en el sistema PAM afectado cargando un archivo de actualizaci\\u00f3n de PAM especialmente manipulado.\"}]",
      "id": "CVE-2024-38492",
      "lastModified": "2024-11-21T09:26:05.417",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"secure@symantec.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 9.4, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"ADJACENT\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"HIGH\", \"subsequentSystemIntegrity\": \"HIGH\", \"subsequentSystemAvailability\": \"HIGH\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}]}",
      "published": "2024-07-15T14:15:03.240",
      "references": "[{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\", \"source\": \"secure@symantec.com\"}, {\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@symantec.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38492\",\"sourceIdentifier\":\"secure@symantec.com\",\"published\":\"2024-07-15T14:15:03.240\",\"lastModified\":\"2024-11-21T09:26:05.417\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecuci\u00f3n remota de comandos en el sistema PAM afectado cargando un archivo de actualizaci\u00f3n de PAM especialmente manipulado.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@symantec.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.4,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"references\":[{\"url\":\"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\",\"source\":\"secure@symantec.com\"},{\"url\":\"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T04:12:24.735Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38492\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-15T15:07:11.231782Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*\"], \"vendor\": \"broadcom\", \"product\": \"symantec_privileged_access_management\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.1.7\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*\"], \"vendor\": \"broadcom\", \"product\": \"symantec_privileged_access_management\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.4.6.0\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-15T15:14:12.606Z\"}}], \"cna\": {\"title\": \"Symantec Privileged Access Manager Remote Command Execution vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Paolo Cavagli\\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com\"}], \"impacts\": [{\"capecId\": \"CAPEC-88\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-88 OS Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.4, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Broadcom\", \"product\": \"Symantec Privileged Access Management\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.1.0 - 4.1.7\"}, {\"status\": \"affected\", \"version\": \"3.4.6\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\\n\\n\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"80d3bcb6-88de-48c2-a47e-aebf795f19b5\", \"shortName\": \"symantec\", \"dateUpdated\": \"2024-07-15T13:54:38.819Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-38492\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T04:12:24.735Z\", \"dateReserved\": \"2024-06-18T06:18:01.975Z\", \"assignerOrgId\": \"80d3bcb6-88de-48c2-a47e-aebf795f19b5\", \"datePublished\": \"2024-07-15T13:54:38.819Z\", \"assignerShortName\": \"symantec\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-X26H-97QP-JH49

Vulnerability from github – Published: 2024-07-15 15:31 – Updated: 2024-07-15 15:31

Details

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

Severity ?

9.4 (Critical)


                  
                    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-38492"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-15T14:15:03Z",
    "severity": "CRITICAL"
  },
  "details": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.",
  "id": "GHSA-x26h-97qp-jh49",
  "modified": "2024-07-15T15:31:00Z",
  "published": "2024-07-15T15:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38492"
    },
    {
      "type": "WEB",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CNVD-2024-36955

Vulnerability from cnvd - Published: 2024-08-30

Title

Broadcom Symantec Privileged Access Management文件上传漏洞

Description

Broadcom Symantec Privileged Access Management（Broadcom Symantec PAM）是美国博通（Broadcom）公司的一种安全软件。通过保护敏感的管理凭据、控制特权用户访问、主动实施安全策略以及监控和记录虚拟、云和物理环境中的特权用户活动来帮助防止安全漏洞。 Broadcom Symantec Privileged Access Management存在文件上传漏洞，该漏洞源于应用对上传的文件缺少有效的验证，未经身份验证的攻击者可利用该漏洞通过上传特制的PAM升级文件在受影响的PAM系统上实现远程命令执行。

Severity

高

Patch Name

Broadcom Symantec Privileged Access Management文件上传漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678

Reference

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678

Impacted products

Name
Broadcom Symantec Privileged Access Management

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-38492",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-38492"
    }
  },
  "description": "Broadcom Symantec Privileged Access Management\uff08Broadcom Symantec PAM\uff09\u662f\u7f8e\u56fd\u535a\u901a\uff08Broadcom\uff09\u516c\u53f8\u7684\u4e00\u79cd\u5b89\u5168\u8f6f\u4ef6\u3002\u901a\u8fc7\u4fdd\u62a4\u654f\u611f\u7684\u7ba1\u7406\u51ed\u636e\u3001\u63a7\u5236\u7279\u6743\u7528\u6237\u8bbf\u95ee\u3001\u4e3b\u52a8\u5b9e\u65bd\u5b89\u5168\u7b56\u7565\u4ee5\u53ca\u76d1\u63a7\u548c\u8bb0\u5f55\u865a\u62df\u3001\u4e91\u548c\u7269\u7406\u73af\u5883\u4e2d\u7684\u7279\u6743\u7528\u6237\u6d3b\u52a8\u6765\u5e2e\u52a9\u9632\u6b62\u5b89\u5168\u6f0f\u6d1e\u3002\n\nBroadcom Symantec Privileged Access Management\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5bf9\u4e0a\u4f20\u7684\u6587\u4ef6\u7f3a\u5c11\u6709\u6548\u7684\u9a8c\u8bc1\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u4e0a\u4f20\u7279\u5236\u7684PAM\u5347\u7ea7\u6587\u4ef6\u5728\u53d7\u5f71\u54cd\u7684PAM\u7cfb\u7edf\u4e0a\u5b9e\u73b0\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-36955",
  "openTime": "2024-08-30",
  "patchDescription": "Broadcom Symantec Privileged Access Management\uff08Broadcom Symantec PAM\uff09\u662f\u7f8e\u56fd\u535a\u901a\uff08Broadcom\uff09\u516c\u53f8\u7684\u4e00\u79cd\u5b89\u5168\u8f6f\u4ef6\u3002\u901a\u8fc7\u4fdd\u62a4\u654f\u611f\u7684\u7ba1\u7406\u51ed\u636e\u3001\u63a7\u5236\u7279\u6743\u7528\u6237\u8bbf\u95ee\u3001\u4e3b\u52a8\u5b9e\u65bd\u5b89\u5168\u7b56\u7565\u4ee5\u53ca\u76d1\u63a7\u548c\u8bb0\u5f55\u865a\u62df\u3001\u4e91\u548c\u7269\u7406\u73af\u5883\u4e2d\u7684\u7279\u6743\u7528\u6237\u6d3b\u52a8\u6765\u5e2e\u52a9\u9632\u6b62\u5b89\u5168\u6f0f\u6d1e\u3002\r\n\r\nBroadcom Symantec Privileged Access Management\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5bf9\u4e0a\u4f20\u7684\u6587\u4ef6\u7f3a\u5c11\u6709\u6548\u7684\u9a8c\u8bc1\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u4e0a\u4f20\u7279\u5236\u7684PAM\u5347\u7ea7\u6587\u4ef6\u5728\u53d7\u5f71\u54cd\u7684PAM\u7cfb\u7edf\u4e0a\u5b9e\u73b0\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Broadcom Symantec Privileged Access Management\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Broadcom Symantec Privileged Access Management"
  },
  "referenceLink": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678",
  "serverity": "\u9ad8",
  "submitTime": "2024-07-19",
  "title": "Broadcom Symantec Privileged Access Management\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}

FKIE_CVE-2024-38492

Vulnerability from fkie_nvd - Published: 2024-07-15 14:15 - Updated: 2024-11-21 09:26

Severity ?

9.4 (Critical) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Summary

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

References

	URL	Tags
	secure@symantec.com	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678
	af854a3a-2127-422b-91ae-364da2661108	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
    },
    {
      "lang": "es",
      "value": "Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecuci\u00f3n remota de comandos en el sistema PAM afectado cargando un archivo de actualizaci\u00f3n de PAM especialmente manipulado."
    }
  ],
  "id": "CVE-2024-38492",
  "lastModified": "2024-11-21T09:26:05.417",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 9.4,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "secure@symantec.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-15T14:15:03.240",
  "references": [
    {
      "source": "secure@symantec.com",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
    }
  ],
  "sourceIdentifier": "secure@symantec.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

NCSC-2024-0316

Vulnerability from csaf_ncscnl - Published: 2024-07-22 09:17 - Updated: 2024-07-22 09:17

Summary

Kwetsbaarheid verholpen in Broadcom Symantec Privileged Access Management

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Broadcom heeft kwetsbaarheden verholpen in Broadcom Symantec Privileged Access Management.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om willekeurige code uit te voeren op het systeem of om de werking van het systeem te manipuleren. De kwetsbaarheden met kenmerken CVE-2024-36455, CVE-2024-36456 en CVE-2024-38492 stellen een ongeauthenticeerde kwaadwillende in staat om willekeurige code uit te voeren in de scope van een geauthenticeerd slachtoffer. Succesvol misbruik vereist wel dat de kwaadwillende toegang heeft tot de infrastructuur waar Broadcom Symantec Privileged Access Management op draait. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben.

Oplossingen

Broadcom heeft updates uitgebracht om de kwetsbaarheden in Broadcom Symantec Privileged Access Management te verhelpen. Zie bijgevoegde referenties voor meer informatie. Om de security advisory in te zien moet worden ingelogd met een Broadcom account.

Kans

medium

Schade

high

CWE-287

Improper Authentication

CWE-434

Unrestricted Upload of File with Dangerous Type

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Broadcom heeft kwetsbaarheden verholpen in Broadcom Symantec Privileged Access Management.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om willekeurige code uit te voeren op het systeem of om de werking van het systeem te manipuleren.\n\nDe kwetsbaarheden met kenmerken CVE-2024-36455, CVE-2024-36456 en CVE-2024-38492 stellen een ongeauthenticeerde kwaadwillende in staat om willekeurige code uit te voeren in de scope van een geauthenticeerd slachtoffer. Succesvol misbruik vereist wel dat de kwaadwillende toegang heeft tot de infrastructuur waar Broadcom Symantec Privileged Access Management op draait. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Broadcom heeft updates uitgebracht om de kwetsbaarheden in Broadcom Symantec Privileged Access Management te verhelpen. Zie bijgevoegde referenties voor meer informatie. Om de security advisory in te zien moet worden ingelogd met een Broadcom account.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      },
      {
        "category": "general",
        "text": "Unrestricted Upload of File with Dangerous Type",
        "title": "CWE-434"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36455"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36456"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36457"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36458"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38492"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd",
        "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
      }
    ],
    "title": " Kwetsbaarheid verholpen in Broadcom Symantec Privileged Access Management",
    "tracking": {
      "current_release_date": "2024-07-22T09:17:29.853486Z",
      "id": "NCSC-2024-0316",
      "initial_release_date": "2024-07-22T09:17:29.853486Z",
      "revision_history": [
        {
          "date": "2024-07-22T09:17:29.853486Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502250",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502251",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502252",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502253",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502254",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502255",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0_-_4.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502256",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502257",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502258",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502259",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502260",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.7:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "broadcom"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36458",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36458",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36458.json"
        }
      ],
      "title": "CVE-2024-36458"
    },
    {
      "cve": "CVE-2024-36457",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36457",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36457.json"
        }
      ],
      "title": "CVE-2024-36457"
    },
    {
      "cve": "CVE-2024-38492",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38492.json"
        }
      ],
      "title": "CVE-2024-38492"
    },
    {
      "cve": "CVE-2024-36456",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unrestricted Upload of File with Dangerous Type",
          "title": "CWE-434"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36456",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36456.json"
        }
      ],
      "title": "CVE-2024-36456"
    },
    {
      "cve": "CVE-2024-36455",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36455",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36455.json"
        }
      ],
      "title": "CVE-2024-36455"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-38492 (GCVE-0-2024-38492)

GHSA-X26H-97QP-JH49

CNVD-2024-36955

FKIE_CVE-2024-38492

NCSC-2024-0316

Tags

Sightings

Nomenclature