cvelistv5 - cve-2024-47531

CVE-2024-47531 (GCVE-0-2024-47531)

Vulnerability from cvelistv5 – Published: 2024-09-30 15:26 – Updated: 2024-09-30 16:31

Summary

Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users' devices or data. This vulnerability is fixed in 4.89.

Severity ?

4.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CWE

CWE-116 - Improper Encoding or Escaping of Output

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Clinical-Genomics/scout/securi…	x_refsource_CONFIRM
	https://github.com/Clinical-Genomics/scout/commit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Clinical-Genomics	scout	Affected: <= 4.88.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:clinical-genomics:scout:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "scout",
            "vendor": "clinical-genomics",
            "versions": [
              {
                "lessThanOrEqual": "4.88.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47531",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-30T16:30:09.440058Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-30T16:31:07.889Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "scout",
          "vendor": "Clinical-Genomics",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 4.88.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users\u0027 devices or data. This vulnerability is fixed in 4.89."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-116",
              "description": "CWE-116: Improper Encoding or Escaping of Output",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-30T15:26:49.421Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r"
        },
        {
          "name": "https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5"
        }
      ],
      "source": {
        "advisory": "GHSA-24xv-q29v-3h6r",
        "discovery": "UNKNOWN"
      },
      "title": "Scout contains insufficient output escaping of attachment names"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-47531",
    "datePublished": "2024-09-30T15:26:49.421Z",
    "dateReserved": "2024-09-25T21:46:10.929Z",
    "dateUpdated": "2024-09-30T16:31:07.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clinical-genomics:scout:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.89\", \"matchCriteriaId\": \"44ADA126-F97E-4ADC-AE4C-7C54D3375D19\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users\u0027 devices or data. This vulnerability is fixed in 4.89.\"}, {\"lang\": \"es\", \"value\": \"Scout es un visualizador web para archivos VCF. Debido a la falta de desinfecci\\u00f3n en el nombre de archivo, es posible eludir la extensi\\u00f3n de archivo deseada y hacer que los usuarios descarguen archivos maliciosos con cualquier extensi\\u00f3n. Si se inyecta contenido malicioso dentro de los datos del archivo y los usuarios lo descargan y abren sin saberlo, es posible que se vean comprometidos los dispositivos o los datos de los usuarios. Esta vulnerabilidad se solucion\\u00f3 en la versi\\u00f3n 4.89.\"}]",
      "id": "CVE-2024-47531",
      "lastModified": "2024-11-15T18:02:14.250",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\", \"baseScore\": 4.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 3.5, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 1.4}]}",
      "published": "2024-09-30T16:15:09.750",
      "references": "[{\"url\": \"https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-116\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-47531\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-09-30T16:15:09.750\",\"lastModified\":\"2024-11-15T18:02:14.250\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users\u0027 devices or data. This vulnerability is fixed in 4.89.\"},{\"lang\":\"es\",\"value\":\"Scout es un visualizador web para archivos VCF. Debido a la falta de desinfecci\u00f3n en el nombre de archivo, es posible eludir la extensi\u00f3n de archivo deseada y hacer que los usuarios descarguen archivos maliciosos con cualquier extensi\u00f3n. Si se inyecta contenido malicioso dentro de los datos del archivo y los usuarios lo descargan y abren sin saberlo, es posible que se vean comprometidos los dispositivos o los datos de los usuarios. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 4.89.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":4.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-116\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clinical-genomics:scout:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.89\",\"matchCriteriaId\":\"44ADA126-F97E-4ADC-AE4C-7C54D3375D19\"}]}]}],\"references\":[{\"url\":\"https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47531\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-30T16:30:09.440058Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:clinical-genomics:scout:-:*:*:*:*:*:*:*\"], \"vendor\": \"clinical-genomics\", \"product\": \"scout\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.88.1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-30T16:31:02.300Z\"}}], \"cna\": {\"title\": \"Scout contains insufficient output escaping of attachment names\", \"source\": {\"advisory\": \"GHSA-24xv-q29v-3h6r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Clinical-Genomics\", \"product\": \"scout\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 4.88.1\"}]}], \"references\": [{\"url\": \"https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r\", \"name\": \"https://github.com/Clinical-Genomics/scout/security/advisories/GHSA-24xv-q29v-3h6r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5\", \"name\": \"https://github.com/Clinical-Genomics/scout/commit/f59e50f8ea596e641da8a0e9c7a33c0696bcbea5\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users\u0027 devices or data. This vulnerability is fixed in 4.89.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-116\", \"description\": \"CWE-116: Improper Encoding or Escaping of Output\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-30T15:26:49.421Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-47531\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-30T16:31:07.889Z\", \"dateReserved\": \"2024-09-25T21:46:10.929Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-09-30T15:26:49.421Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2024-47531

Vulnerability from fkie_nvd - Published: 2024-09-30 16:15 - Updated: 2024-11-15 18:02

Severity ?

4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N