CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
CVE-2024-47106 (GCVE-0-2024-47106)
Vulnerability from cvelistv5 – Published: 2025-01-18 16:09 – Updated: 2025-01-21 20:51- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Jazz for Service Management |
Affected:
1.1.3 , ≤ 1.1.3.22
(semver)
cpe:2.3:a:ibm:jazz_for_service_management:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:jazz_for_service_management:1.1.3.22:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T20:51:47.155172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T20:51:51.370Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:jazz_for_service_management:1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:jazz_for_service_management:1.1.3.22:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Jazz for Service Management",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "1.1.3.22",
"status": "affected",
"version": "1.1.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system."
}
],
"value": "IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-18T16:09:47.381Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7178507"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Jazz for Service Management information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-47106",
"datePublished": "2025-01-18T16:09:47.381Z",
"dateReserved": "2024-09-18T19:26:44.571Z",
"dateUpdated": "2025-01-21T20:51:51.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45627 (GCVE-0-2024-45627)
Vulnerability from cvelistv5 – Published: 2025-01-14 16:13 – Updated: 2025-01-14 17:19- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Linkis Metadata Query Service JDBC |
Affected:
1.5.0 , < 1.7.0
(maven)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-01-14T17:02:47.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/01/14/1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T17:18:08.613371Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:19:09.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.linkis:linkis-metadata-query-service-jdbc",
"product": "Apache Linkis Metadata Query Service JDBC",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "1.5.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Le1a"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Apache Linkis \u0026lt;1.7.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallow the attacker to read arbitrary files from the Linkis server\u003c/span\u003e. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis \u0026lt; 1.7.0 will be affected. \u003cbr\u003eWe recommend users upgrade the version of Linkis to version 1.7.0.\n\n\u003cbr\u003e"
}
],
"value": "In Apache Linkis \u003c1.7.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will \n\nallow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis \u003c 1.7.0 will be affected. \nWe recommend users upgrade the version of Linkis to version 1.7.0."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T16:13:20.135Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/0zzx8lldwoqgzq98mg61hojgpvn76xsh"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45627",
"datePublished": "2025-01-14T16:13:20.135Z",
"dateReserved": "2024-09-03T13:22:06.130Z",
"dateUpdated": "2025-01-14T17:19:09.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43660 (GCVE-0-2024-43660)
Vulnerability from cvelistv5 – Published: 2025-01-09 07:56 – Updated: 2025-03-11 13:07- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://csirt.divd.nl/DIVD-2024-00035/ | third-party-advisory |
| https://csirt.divd.nl/CVE-2024-43660/ | third-party-advisory |
| https://iocharger.com | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Iocharger | Iocharger firmware for AC models |
Affected:
0 , < 24120701
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-43660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:37:36.870610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T14:38:13.440Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Iocharger firmware for AC models",
"vendor": "Iocharger",
"versions": [
{
"lessThan": "24120701",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wilco van Beijnum"
},
{
"lang": "en",
"type": "analyst",
"value": "Harm van den Brink (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
}
],
"datePublic": "2025-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The CGI script \u0026lt;redacted\u0026gt;.sh can be used to download any file on the filesystem.\u003cbr\u003e\u003cbr\u003eThis issue affects Iocharger firmware for AC model chargers beforeversion 24120701.\u003cbr\u003e\u003cbr\u003eLikelihood: High, but credentials required.\u003cbr\u003e\u003cbr\u003eImpact: Critical \u2013 The script can be used to download any file on the filesystem, including sensitive files such as /etc/shadow, the CGI script source code or binaries and configuration files.\u003cbr\u003e\u003cbr\u003eCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y\u003cbr\u003eCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The confidentiality of all files of the devicd can be compromised (VC:H/VI:N/VA:N). There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, this attack in isolation does not have a safety impact. The attack can be automated (AU:Y).\u003cbr\u003e"
}
],
"value": "The CGI script \u003credacted\u003e.sh can be used to download any file on the filesystem.\n\nThis issue affects Iocharger firmware for AC model chargers beforeversion 24120701.\n\nLikelihood: High, but credentials required.\n\nImpact: Critical \u2013 The script can be used to download any file on the filesystem, including sensitive files such as /etc/shadow, the CGI script source code or binaries and configuration files.\n\nCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y\nCVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The confidentiality of all files of the devicd can be compromised (VC:H/VI:N/VA:N). There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, this attack in isolation does not have a safety impact. The attack can be automated (AU:Y)."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:07:16.474Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/DIVD-2024-00035/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-43660/"
},
{
"tags": [
"product"
],
"url": "https://iocharger.com"
}
],
"source": {
"advisory": "DIVD-2024-00035",
"discovery": "EXTERNAL"
},
"title": "Arbitrary file download using \u003credacted\u003e.sh",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-43660",
"datePublished": "2025-01-09T07:56:46.841Z",
"dateReserved": "2024-08-14T09:27:41.769Z",
"dateUpdated": "2025-03-11T13:07:16.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41699 (GCVE-0-2024-41699)
Vulnerability from cvelistv5 – Published: 2024-08-20 12:00 – Updated: 2024-08-20 13:12- CWE-552 - Files or Directories Accessible to External Parties
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T13:05:12.034541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T13:12:10.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Priority",
"vendor": "Priority",
"versions": [
{
"lessThan": "Upgrade to version 24.0 or later",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gad Abuhatziera, Nimrod Bickels, Itay Cherdman - Sophtix Security LTD"
}
],
"datePublic": "2024-08-20T11:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cbr\u003ePriority \u2013 CWE-552: Files or Directories Accessible to External Parties\u003cbr\u003e"
}
],
"value": "Priority \u2013 CWE-552: Files or Directories Accessible to External Parties"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T12:00:22.274Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003eUpgrade to version 24.0 or later. Use configuration option NETFILESAUTH=1 that requires authentication to access files.\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "Upgrade to version 24.0 or later. Use configuration option NETFILESAUTH=1 that requires authentication to access files."
}
],
"source": {
"advisory": "ILVN-2024-0183",
"discovery": "UNKNOWN"
},
"title": "Priority \u2013 CWE-552: Files or Directories Accessible to External Parties",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-41699",
"datePublished": "2024-08-20T12:00:22.274Z",
"dateReserved": "2024-07-21T07:20:40.644Z",
"dateUpdated": "2024-08-20T13:12:10.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39581 (GCVE-0-2024-39581)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:49 – Updated: 2024-09-10 13:18- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022841… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale InsightIQ |
Affected:
5.0 , ≤ 5.1
(semver)
|
|
| dell | powerscale_insightiq |
Affected:
5.0 , ≤ 5.1
(semver)
cpe:2.3:a:dell:powerscale_insightiq:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dell:powerscale_insightiq:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "powerscale_insightiq",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:10:59.735072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:18:42.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale InsightIQ",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-09T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files."
}
],
"value": "Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:49:57.279Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-39581",
"datePublished": "2024-09-10T08:49:57.279Z",
"dateReserved": "2024-06-26T02:14:30.867Z",
"dateUpdated": "2024-09-10T13:18:42.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38876 (GCVE-0-2024-38876)
Vulnerability from cvelistv5 – Published: 2024-08-02 10:36 – Updated: 2025-11-03 21:55- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Omnivise T3000 Application Server R9.2 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 Domain Controller R9.2 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 Product Data Management (PDM) R9.2 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 R8.2 SP3 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 R8.2 SP4 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 Terminal Server R9.2 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 Thin Client R9.2 |
Affected:
0 , < *
(custom)
|
|
| Siemens | Omnivise T3000 Whitelisting Server R9.2 |
Affected:
0 , < *
(custom)
|
|
| siemens | omnivise_t3000_application_server_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_domain_controller_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_product_data_management_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_r8.2_sp3 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_r82_sp4 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_terminal_server_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_thin_client_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:* |
|
| siemens | omnivise_t3000_whitelisting_server_r9.2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_application_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_domain_controller_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_product_data_management_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_r8.2_sp3",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_r82_sp4",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_terminal_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_thin_client_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_whitelisting_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:21:31.609941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:14:54.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:55:53.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Nov/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Application Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Domain Controller R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Product Data Management (PDM) R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 R8.2 SP3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 R8.2 SP4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Terminal Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Thin Client R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Whitelisting Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:12.401Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-38876",
"datePublished": "2024-08-02T10:36:16.928Z",
"dateReserved": "2024-06-21T08:28:10.677Z",
"dateUpdated": "2025-11-03T21:55:53.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-38429 (GCVE-0-2024-38429)
Vulnerability from cvelistv5 – Published: 2024-07-30 08:45 – Updated: 2024-08-02 04:12- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| Matrix | Tafnit v8 |
Affected:
All versions , < 8.4.202
(custom)
|
|
| matrixglobalservices | tafnit |
Affected:
8.0 , < 8.4.202
(custom)
cpe:2.3:a:matrixglobalservices:tafnit:8.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:matrixglobalservices:tafnit:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tafnit",
"vendor": "matrixglobalservices",
"versions": [
{
"lessThan": "8.4.202",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-30T19:35:15.171307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T19:35:19.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Tafnit v8",
"vendor": "Matrix",
"versions": [
{
"lessThan": "8.4.202",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gad Abuhatziera, Nimrod Bickels, Itay Cherdman - Sophtix Security LTD"
}
],
"datePublic": "2024-07-30T08:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMatrix\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTafnit v8\u003c/span\u003e\n\n - \u0026nbsp;CWE-552: Files or Directories Accessible to External Parties\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Matrix\u00a0Tafnit v8\n\n - \u00a0CWE-552: Files or Directories Accessible to External Parties"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T08:53:56.083Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpgrade to version 8.4.202 or greater. Use \"File Streamer\" option\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Upgrade to version 8.4.202 or greater. Use \"File Streamer\" option"
}
],
"source": {
"advisory": "ILVN-2024-0167",
"discovery": "UNKNOWN"
},
"title": "Matrix - CWE-552: Files or Directories Accessible to External Parties",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-38429",
"datePublished": "2024-07-30T08:45:17.371Z",
"dateReserved": "2024-06-16T08:00:52.285Z",
"dateUpdated": "2024-08-02T04:12:24.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35183 (GCVE-0-2024-35183)
Vulnerability from cvelistv5 – Published: 2024-05-15 21:24 – Updated: 2024-08-02 03:07| URL | Tags |
|---|---|
| https://github.com/wolfi-dev/wolfictl/security/ad… | x_refsource_CONFIRM |
| https://github.com/wolfi-dev/wolfictl/commit/0d06… | x_refsource_MISC |
| https://github.com/wolfi-dev/wolfictl/commit/403e… | x_refsource_MISC |
| https://github.com/wolfi-dev/wolfictl/blob/488b53… | x_refsource_MISC |
| https://github.com/wolfi-dev/wolfictl/blob/4dd6c9… | x_refsource_MISC |
| https://github.com/wolfi-dev/wolfictl/blob/6d9990… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wolfi-dev:wolfictl:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wolfictl",
"vendor": "wolfi-dev",
"versions": [
{
"lessThan": "0.16.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35183",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T18:04:34.704368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:33:34.370Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:07:46.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/commit/0d06e1578300327c212dda26a5ab31d09352b9d0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/commit/0d06e1578300327c212dda26a5ab31d09352b9d0"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/commit/403e93569f46766b4e26e06cf9cd0cae5ee0c2a2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/commit/403e93569f46766b4e26e06cf9cd0cae5ee0c2a2"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/488b53823350caa706de3f01ec0eded9350c7da7/pkg/update/update.go#L143",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/488b53823350caa706de3f01ec0eded9350c7da7/pkg/update/update.go#L143"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/4dd6c95abb4bc0f9306350a8601057bd7a92bded/pkg/update/deps/cleanup.go#L49",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/4dd6c95abb4bc0f9306350a8601057bd7a92bded/pkg/update/deps/cleanup.go#L49"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/6d99909f7b1aa23f732d84dad054b02a61f530e6/pkg/git/git.go#L22",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/6d99909f7b1aa23f732d84dad054b02a61f530e6/pkg/git/git.go#L22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wolfictl",
"vendor": "wolfi-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 0.16.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user\u2019s GitHub token to be sent to remote servers other than `github.com`. Most git-dependent functionality in wolfictl relies on its own `git` package, which contains centralized logic for implementing interactions with git repositories. Some of this functionality requires authentication in order to access private repositories. A central function `GetGitAuth` looks for a GitHub token in the environment variable `GITHUB_TOKEN` and returns it as an HTTP basic auth object to be used with the `github.com/go-git/go-git/v5` library. Most callers (direct or indirect) of `GetGitAuth` use the token to authenticate to github.com only; however, in some cases callers were passing this authentication without checking that the remote git repository was hosted on github.com. This behavior has existed in one form or another since commit 0d06e1578300327c212dda26a5ab31d09352b9d0 - committed January 25, 2023. This impacts anyone who ran the `wolfictl check update` commands with a Melange configuration that included a `git-checkout` directive step that referenced a git repository not hosted on github.com. This also impacts anyone who ran `wolfictl update \u003curl\u003e` with a remote URL outside of github.com. Additionally, these subcommands must have run with the `GITHUB_TOKEN` environment variable set to a valid GitHub token. Users should upgrade to version 0.16.10 to receive a patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668: Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T21:24:23.656Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/commit/0d06e1578300327c212dda26a5ab31d09352b9d0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wolfi-dev/wolfictl/commit/0d06e1578300327c212dda26a5ab31d09352b9d0"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/commit/403e93569f46766b4e26e06cf9cd0cae5ee0c2a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wolfi-dev/wolfictl/commit/403e93569f46766b4e26e06cf9cd0cae5ee0c2a2"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/488b53823350caa706de3f01ec0eded9350c7da7/pkg/update/update.go#L143",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/488b53823350caa706de3f01ec0eded9350c7da7/pkg/update/update.go#L143"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/4dd6c95abb4bc0f9306350a8601057bd7a92bded/pkg/update/deps/cleanup.go#L49",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/4dd6c95abb4bc0f9306350a8601057bd7a92bded/pkg/update/deps/cleanup.go#L49"
},
{
"name": "https://github.com/wolfi-dev/wolfictl/blob/6d99909f7b1aa23f732d84dad054b02a61f530e6/pkg/git/git.go#L22",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wolfi-dev/wolfictl/blob/6d99909f7b1aa23f732d84dad054b02a61f530e6/pkg/git/git.go#L22"
}
],
"source": {
"advisory": "GHSA-8fg7-hp93-qhvr",
"discovery": "UNKNOWN"
},
"title": "wolfictl leaks GitHub tokens to remote non-GitHub git servers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-35183",
"datePublished": "2024-05-15T21:24:23.656Z",
"dateReserved": "2024-05-10T14:24:24.339Z",
"dateUpdated": "2024-08-02T03:07:46.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34066 (GCVE-0-2024-34066)
Vulnerability from cvelistv5 – Published: 2024-05-03 17:42 – Updated: 2024-08-02 02:42- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://github.com/pterodactyl/wings/security/adv… | x_refsource_CONFIRM |
| https://github.com/pterodactyl/wings/commit/5415f… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| pterodactyl | wings |
Affected:
< 1.11.12
|
|
| pterodactyl | wings |
Affected:
- , < 1.11.12
(custom)
cpe:2.3:a:pterodactyl:wings:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pterodactyl:wings:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wings",
"vendor": "pterodactyl",
"versions": [
{
"lessThan": "1.11.12",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34066",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T20:26:38.404132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:52.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw"
},
{
"name": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wings",
"vendor": "pterodactyl",
"versions": [
{
"status": "affected",
"version": "\u003c 1.11.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T17:42:12.412Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw"
},
{
"name": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de"
}
],
"source": {
"advisory": "GHSA-gqmf-jqgv-v8fw",
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Write/Read in Pterodactyl wings"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34066",
"datePublished": "2024-05-03T17:42:12.412Z",
"dateReserved": "2024-04-30T06:56:33.381Z",
"dateUpdated": "2024-08-02T02:42:59.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31141 (GCVE-0-2024-31141)
Vulnerability from cvelistv5 – Published: 2024-11-19 08:40 – Updated: 2025-01-31 15:02| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Kafka Clients |
Affected:
2.3.0 , ≤ 3.5.2
(semver)
Affected: 3.6.0 , ≤ 3.6.2 (semver) Affected: 3.7.0 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-01-31T15:02:44.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/18/5"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0001/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-31141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T14:14:13.118831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T14:15:34.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.kafka:kafka-clients",
"product": "Apache Kafka Clients",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.5.2",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.6.2",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.7.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Greg Harris"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Mickael Maison"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Chris Egerton"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\u003cbr\u003e\u003cbr\u003eApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\u003cbr\u003eIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\u003cbr\u003e\u003cbr\u003eIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\u003cbr\u003e\u003cp\u003eThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers with affected applications are recommended to upgrade kafka-clients to version \u0026gt;=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\u003cbr\u003eUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\u003cbr\u003e\u003c/p\u003eFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property.\u003cbr\u003e\u003c/span\u003e"
}
],
"value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\n\nApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\nIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\n\nIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\nThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\n\n\nUsers with affected applications are recommended to upgrade kafka-clients to version \u003e=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\nUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\n\n\nFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\nFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T08:40:50.695Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-31141",
"datePublished": "2024-11-19T08:40:50.695Z",
"dateReserved": "2024-03-28T16:57:34.016Z",
"dateUpdated": "2025-01-31T15:02:44.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.