CVE-2024-48874 (GCVE-0-2024-48874)

Vulnerability from cvelistv5 – Published: 2024-12-06 18:22 – Updated: 2024-12-06 20:39
VLAI?
Summary
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
Impacted products
Vendor Product Version
Ruijie Reyee OS Affected: 2.206.x , < 2.320.x (custom)
Create a notification for this product.
Credits
Tomer Goldschmidt and Noam Moshe of Claroty Team82 reported these vulnerabilities to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:ruijie:reyee_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "reyee_os",
            "vendor": "ruijie",
            "versions": [
              {
                "lessThan": "2.320.x",
                "status": "affected",
                "version": "2.206.x",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48874",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-06T19:23:14.812737Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-06T20:39:47.635Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Reyee OS",
          "vendor": "Ruijie",
          "versions": [
            {
              "lessThan": "2.320.x",
              "status": "affected",
              "version": "2.206.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tomer Goldschmidt and Noam Moshe of Claroty Team82 reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRuijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
            }
          ],
          "value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-06T18:22:15.725Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eRuijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMinimize network exposure for all control system devices and/or systems, ensuring they are \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\"\u003enot accessible from the internet\u003c/a\u003e.\u003c/li\u003e\u003cli\u003eLocate control system networks and remote devices behind firewalls and isolating them from business networks.\u003c/li\u003e\u003cli\u003eWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Ruijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\n\n  *  Minimize network exposure for all control system devices and/or systems, ensuring they are  not accessible from the internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 .\n  *  Locate control system networks and remote devices behind firewalls and isolating them from business networks.\n  *  When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices."
        }
      ],
      "source": {
        "advisory": "ICSA-24-338-01",
        "discovery": "EXTERNAL"
      },
      "title": "Ruijie Reyee OS Server-Side Request Forgery",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-48874",
    "datePublished": "2024-12-06T18:22:15.725Z",
    "dateReserved": "2024-11-20T23:41:59.177Z",
    "dateUpdated": "2024-12-06T20:39:47.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ruijienetworks:reyee_os:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.206.0\", \"versionEndExcluding\": \"2.320.0\", \"matchCriteriaId\": \"0847A16C-8A5D-4016-83E9-6DC80588E105\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.\"}, {\"lang\": \"es\", \"value\": \"Las versiones 2.206.x y 2.320.x del sistema operativo Ruijie Reyee, excepto la 2.320.x, podr\\u00edan dar a los atacantes la capacidad de obligar a los servidores proxy de Ruijie a realizar cualquier solicitud que elijan los atacantes. Con esto, los atacantes podr\\u00edan acceder a los servicios internos utilizados por Ruijie y a su infraestructura de nube interna a trav\\u00e9s de los servicios de metadatos de la nube de AWS.\"}]",
      "id": "CVE-2024-48874",
      "lastModified": "2024-12-10T19:44:16.093",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 9.3, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2024-12-06T19:15:12.933",
      "references": "[{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-918\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-48874\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2024-12-06T19:15:12.933\",\"lastModified\":\"2024-12-10T19:44:16.093\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.\"},{\"lang\":\"es\",\"value\":\"Las versiones 2.206.x y 2.320.x del sistema operativo Ruijie Reyee, excepto la 2.320.x, podr\u00edan dar a los atacantes la capacidad de obligar a los servidores proxy de Ruijie a realizar cualquier solicitud que elijan los atacantes. Con esto, los atacantes podr\u00edan acceder a los servicios internos utilizados por Ruijie y a su infraestructura de nube interna a trav\u00e9s de los servicios de metadatos de la nube de AWS.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ruijienetworks:reyee_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.206.0\",\"versionEndExcluding\":\"2.320.0\",\"matchCriteriaId\":\"0847A16C-8A5D-4016-83E9-6DC80588E105\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-48874\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-06T19:23:14.812737Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:ruijie:reyee_os:*:*:*:*:*:*:*:*\"], \"vendor\": \"ruijie\", \"product\": \"reyee_os\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.206.x\", \"lessThan\": \"2.320.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-06T19:23:15.980Z\"}}], \"cna\": {\"title\": \"Ruijie Reyee OS Server-Side Request Forgery\", \"source\": {\"advisory\": \"ICSA-24-338-01\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Tomer Goldschmidt and Noam Moshe of Claroty Team82 reported these vulnerabilities to CISA.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Ruijie\", \"product\": \"Reyee OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.206.x\", \"lessThan\": \"2.320.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Ruijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\\n\\n  *  Minimize network exposure for all control system devices and/or systems, ensuring they are  not accessible from the internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 .\\n  *  Locate control system networks and remote devices behind firewalls and isolating them from business networks.\\n  *  When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eRuijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMinimize network exposure for all control system devices and/or systems, ensuring they are \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\\\"\u003enot accessible from the internet\u003c/a\u003e.\u003c/li\u003e\u003cli\u003eLocate control system networks and remote devices behind firewalls and isolating them from business networks.\u003c/li\u003e\u003cli\u003eWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.\u003c/li\u003e\u003c/ul\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eRuijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie\u0027s proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services.\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\\n\\n\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-918\", \"description\": \"CWE-918 Server-Side Request Forgery\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2024-12-06T18:22:15.725Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-48874\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-06T20:39:47.635Z\", \"dateReserved\": \"2024-11-20T23:41:59.177Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2024-12-06T18:22:15.725Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.