FKIE_CVE-2024-47579

Vulnerability from fkie_nvd - Published: 2024-12-10 01:15 - Updated: 2024-12-10 01:15
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows the attacker to read any file on the server with no effect on integrity or availability
References
cna@sap.comhttps://me.sap.com/notes/3536965
cna@sap.comhttps://url.sap/sapsecuritypatchday
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server.  Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows the attacker to read any file on the server with no effect on integrity or availability"
    },
    {
      "lang": "es",
      "value": "Un atacante autenticado como administrador puede usar un servicio web expuesto para cargar o descargar un archivo de fuente PDF personalizado en el servidor del sistema. El uso de la funci\u00f3n de carga para copiar un archivo interno en un archivo de fuente y, posteriormente, el uso de la funci\u00f3n de descarga para recuperar ese archivo le permite al atacante leer cualquier archivo en el servidor sin afectar la integridad o la disponibilidad."
    }
  ],
  "id": "CVE-2024-47579",
  "lastModified": "2024-12-10T01:15:05.817",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "cna@sap.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-10T01:15:05.817",
  "references": [
    {
      "source": "cna@sap.com",
      "url": "https://me.sap.com/notes/3536965"
    },
    {
      "source": "cna@sap.com",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "sourceIdentifier": "cna@sap.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-538"
        }
      ],
      "source": "cna@sap.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.