github - ghsa-9xch-xvj3-fmf3

ghsa-9xch-xvj3-fmf3

Vulnerability from github

Published

2024-04-10 18:30

Modified

2024-08-22 21:31

Severity

9.8 (Critical) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3566"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T16:15:16Z",
    "severity": "CRITICAL"
  },
  "details": "A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.",
  "id": "GHSA-9xch-xvj3-fmf3",
  "modified": "2024-08-22T21:31:28Z",
  "published": "2024-04-10T18:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3566"
    },
    {
      "type": "WEB",
      "url": "https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows"
    },
    {
      "type": "WEB",
      "url": "https://kb.cert.org/vuls/id/123335"
    },
    {
      "type": "WEB",
      "url": "https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1874"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22423"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24576"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/123335"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2024-3566

Vulnerability from cvelistv5

Published

2024-04-10 15:22

Modified

2024-08-22 18:25

Severity

9.8 (Critical) - cvssV3_1 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Command injection vulnerability in programing languages on Microsoft Windows operating system.

References

URL	Tags
https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way
https://kb.cert.org/vuls/id/123335
https://www.cve.org/CVERecord?id=CVE-2024-24576
https://www.cve.org/CVERecord?id=CVE-2024-1874
https://www.cve.org/CVERecord?id=CVE-2024-22423
https://www.kb.cert.org/vuls/id/123335

Impacted products

Vendor	Product
Node.js	Node.js
Go Programming Language	GoLang
Haskell Programming Language	Haskel

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:07.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/123335"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cve.org/CVERecord?id=CVE-2024-24576"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cve.org/CVERecord?id=CVE-2024-1874"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cve.org/CVERecord?id=CVE-2024-22423"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/123335"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nodejs",
            "vendor": "nodejs",
            "versions": [
              {
                "lessThanOrEqual": "21.7.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:haskell:process_library:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "process_library",
            "vendor": "haskell",
            "versions": [
              {
                "lessThan": "1.6.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "rust",
            "vendor": "rust-lang",
            "versions": [
              {
                "lessThan": "1.77.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:thephpgroup:thephpgroup:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "thephpgroup",
            "vendor": "thephpgroup",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:yt-dlp_project:yt-dlp:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "yt-dlp",
            "vendor": "yt-dlp_project",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-3566",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-15T16:13:02.290928Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:25:43.487Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Windows"
          ],
          "product": "Node.js",
          "vendor": "Node.js",
          "versions": [
            {
              "lessThanOrEqual": "21.7.2",
              "status": "affected",
              "version": "*",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Windows"
          ],
          "product": "GoLang",
          "vendor": "Go Programming Language",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "platforms": [
            "Windows"
          ],
          "product": "Haskel",
          "vendor": "Haskell Programming Language",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T15:26:52.009Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/"
        },
        {
          "url": "https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way"
        },
        {
          "url": "https://kb.cert.org/vuls/id/123335"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24576"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1874"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22423"
        },
        {
          "url": "https://www.kb.cert.org/vuls/id/123335"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Command injection vulnerability in programing languages on Microsoft Windows operating system.",
      "x_generator": {
        "engine": "VINCE 2.1.12",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3566"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2024-3566",
    "datePublished": "2024-04-10T15:22:56.099Z",
    "dateReserved": "2024-04-10T04:58:27.982Z",
    "dateUpdated": "2024-08-22T18:25:43.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.