FKIE_CVE-2024-7254

Vulnerability from fkie_nvd - Published: 2024-09-19 01:15 - Updated: 2025-09-26 17:10
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.
References
cve-coordination@google.comhttps://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaaPatch
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20241213-0010/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20250418-0006/Third Party Advisory
Impacted products
Vendor Product Version
google protobuf *
google protobuf *
google protobuf *
google protobuf-java *
google protobuf-java *
google protobuf-java *
google protobuf-javalite *
google protobuf-javalite *
google protobuf-javalite *
google protobuf-kotlin *
google protobuf-kotlin *
google protobuf-kotlin *
google protobuf-kotlin-lite *
google protobuf-kotlin-lite *
google protobuf-kotlin-lite *
netapp active_iq_unified_manager -
netapp active_iq_unified_manager -
netapp active_iq_unified_manager -
netapp bluexp -
netapp ontap_tools 10
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:protobuf:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "C50F4AA1-FACF-4E77-B816-902F1C10C9AF",
              "versionEndExcluding": "3.25.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "37B0D785-BB15-4CE2-90C8-B7FEA742A5F1",
              "versionEndExcluding": "4.27.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "5CE51BE9-C7F9-4EB3-9B1D-BECA68DA8868",
              "versionEndExcluding": "4.28.2",
              "versionStartIncluding": "4.28.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE3EBF5-0F04-4ACE-8501-B79572502038",
              "versionEndExcluding": "3.25.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "057A393B-2BB0-4521-8A8A-04D12662016E",
              "versionEndExcluding": "4.27.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEF83AD-D962-4D8C-9B58-7EE8D0CC01CB",
              "versionEndExcluding": "4.28.2",
              "versionStartIncluding": "4.28.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C9858A-1CCF-4328-AA1C-B20A63E243D3",
              "versionEndExcluding": "3.25.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC4FC312-9D4A-457E-9DA5-842E439CE9E4",
              "versionEndExcluding": "4.27.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "136274DE-2B1D-4804-9EFE-8602D7D13B5F",
              "versionEndExcluding": "4.28.2",
              "versionStartIncluding": "4.28.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F57333C4-99AE-4034-9F29-70BD2EE508D5",
              "versionEndExcluding": "3.25.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DA17611-407B-4D15-B9BB-B07CB969F698",
              "versionEndExcluding": "4.27.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98243D7D-ABAA-4BF4-ADEE-FDE4276A87B1",
              "versionEndExcluding": "4.28.2",
              "versionStartIncluding": "4.28.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "835D9D4B-77B5-4E38-8C45-906EFE324314",
              "versionEndExcluding": "3.25.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C23CB89D-FA76-467D-82AD-BE7044E57709",
              "versionEndExcluding": "4.27.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2646A2B8-D8E6-4501-AFB9-35C7FFC27CCE",
              "versionEndIncluding": "4.28.2",
              "versionStartIncluding": "4.28.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
              "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC1AE8BD-EE3F-494C-9F03-D4B2B7233106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "5333B745-F7A3-46CB-8437-8668DB08CD6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Any project that parses untrusted Protocol Buffers data\u00a0containing an arbitrary number of nested groups / series of SGROUP\u00a0tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker."
    },
    {
      "lang": "es",
      "value": "Cualquier proyecto que analice datos de Protocol Buffers no confiables que contengan una cantidad arbitraria de grupos anidados o series de etiquetas SGROUP puede corromperse si se excede el l\u00edmite de la pila, es decir, StackOverflow. Analizar grupos anidados como campos desconocidos con DiscardUnknownFieldsParser o el analizador Java Protobuf Lite, o contra campos de mapa Protobuf, crea recursiones ilimitadas que pueden ser utilizadas de forma abusiva por un atacante."
    }
  ],
  "id": "CVE-2024-7254",
  "lastModified": "2025-09-26T17:10:19.847",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "cve-coordination@google.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-19T01:15:10.963",
  "references": [
    {
      "source": "cve-coordination@google.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20241213-0010/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20250418-0006/"
    }
  ],
  "sourceIdentifier": "cve-coordination@google.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-674"
        }
      ],
      "source": "cve-coordination@google.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.