CVE-2024-5402 (GCVE-0-2024-5402)
Vulnerability from cvelistv5 – Published: 2024-07-15 11:57 – Updated: 2024-08-01 21:11
VLAI?
Summary
Unquoted Search Path or Element vulnerability in ABB Mint Workbench.
A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.
This issue affects Mint Workbench I versions: from 5866 before 5868.
Severity ?
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ABB | Mint Workbench I |
Affected:
5866 , < 5868
(custom)
|
Credits
ABB thanks Yoav Yehudai of Novartis for working with ABB in effort to protect our customers.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:abb:mint_workbench:5866:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mint_workbench",
"vendor": "abb",
"versions": [
{
"lessThan": "5868",
"status": "affected",
"version": "5866",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:08:32.219434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:10:14.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Mint Workbench I",
"vendor": "ABB",
"versions": [
{
"lessThan": "5868",
"status": "affected",
"version": "5866",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB thanks Yoav Yehudai of Novartis for working with ABB in effort to protect our customers."
}
],
"datePublic": "2024-07-15T04:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\u003cbr\u003e\u003cbr\u003e\n\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\n\n\n\u003cp\u003eThis issue affects Mint Workbench I versions: from 5866 before 5868.\u003c/p\u003e"
}
],
"value": "Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\n\n\n\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\n\n\nThis issue affects Mint Workbench I versions: from 5866 before 5868."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:L/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T11:57:44.261Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mint Workbench I Unquoted Service Path Enumeration",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-5402",
"datePublished": "2024-07-15T11:57:44.261Z",
"dateReserved": "2024-05-27T06:28:25.877Z",
"dateUpdated": "2024-08-01T21:11:12.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:abb:mint_workbench:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5866\", \"versionEndIncluding\": \"5868\", \"matchCriteriaId\": \"2D3943DF-0CD6-4CB6-A713-3C8308A03F52\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\\n\\n\\n\\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\\n\\n\\nThis issue affects Mint Workbench I versions: from 5866 before 5868.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de elemento o ruta de b\\u00fasqueda sin comillas en ABB Mint Workbench. Un atacante local que aprovechara con \\u00e9xito esta vulnerabilidad podr\\u00eda obtener privilegios elevados insertando un archivo ejecutable en la ruta del servicio afectado. Este problema afecta a las versiones de Mint Workbench I: desde 5866 antes de 5868.\"}]",
"id": "CVE-2024-5402",
"lastModified": "2024-11-21T09:47:34.947",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"cybersecurity@ch.abb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:X\", \"baseScore\": 6.2, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"NONE\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"LOW\", \"subsequentSystemConfidentiality\": \"LOW\", \"subsequentSystemIntegrity\": \"HIGH\", \"subsequentSystemAvailability\": \"HIGH\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NEGLIGIBLE\", \"automatable\": \"YES\", \"recovery\": \"USER\", \"valueDensity\": \"CONCENTRATED\", \"vulnerabilityResponseEffort\": \"LOW\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"cybersecurity@ch.abb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-07-15T12:15:02.340",
"references": "[{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\", \"source\": \"cybersecurity@ch.abb.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cybersecurity@ch.abb.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-428\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-5402\",\"sourceIdentifier\":\"cybersecurity@ch.abb.com\",\"published\":\"2024-07-15T12:15:02.340\",\"lastModified\":\"2024-11-21T09:47:34.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\\n\\n\\n\\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\\n\\n\\nThis issue affects Mint Workbench I versions: from 5866 before 5868.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de elemento o ruta de b\u00fasqueda sin comillas en ABB Mint Workbench. Un atacante local que aprovechara con \u00e9xito esta vulnerabilidad podr\u00eda obtener privilegios elevados insertando un archivo ejecutable en la ruta del servicio afectado. Este problema afecta a las versiones de Mint Workbench I: desde 5866 antes de 5868.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:X\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NEGLIGIBLE\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"LOW\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-428\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:abb:mint_workbench:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5866\",\"versionEndIncluding\":\"5868\",\"matchCriteriaId\":\"2D3943DF-0CD6-4CB6-A713-3C8308A03F52\"}]}]}],\"references\":[{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\",\"source\":\"cybersecurity@ch.abb.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:11:12.639Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5402\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-15T13:08:32.219434Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:abb:mint_workbench:5866:*:*:*:*:*:*:*\"], \"vendor\": \"abb\", \"product\": \"mint_workbench\", \"versions\": [{\"status\": \"affected\", \"version\": \"5866\", \"lessThan\": \"5868\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-15T13:10:09.479Z\"}}], \"cna\": {\"title\": \"Mint Workbench I Unquoted Service Path Enumeration\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"ABB thanks Yoav Yehudai of Novartis for working with ABB in effort to protect our customers.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 6.2, \"Automatable\": \"YES\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:L/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:L\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ABB\", \"product\": \"Mint Workbench I\", \"versions\": [{\"status\": \"affected\", \"version\": \"5866\", \"lessThan\": \"5868\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-07-15T04:30:00.000Z\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7912\u0026LanguageCode=en\u0026DocumentPartId=1\u0026Action=Launch\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\\n\\n\\n\\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\\n\\n\\nThis issue affects Mint Workbench I versions: from 5866 before 5868.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Unquoted Search Path or Element vulnerability in ABB Mint Workbench.\u003cbr\u003e\u003cbr\u003e\\n\\nA local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service.\\n\\n\\n\u003cp\u003eThis issue affects Mint Workbench I versions: from 5866 before 5868.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-428\", \"description\": \"CWE-428 Unquoted Search Path or Element\"}]}], \"providerMetadata\": {\"orgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"shortName\": \"ABB\", \"dateUpdated\": \"2024-07-15T11:57:44.261Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-5402\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:11:12.639Z\", \"dateReserved\": \"2024-05-27T06:28:25.877Z\", \"assignerOrgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"datePublished\": \"2024-07-15T11:57:44.261Z\", \"assignerShortName\": \"ABB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…