CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
CVE-2023-49198 (GCVE-0-2023-49198)
Vulnerability from cvelistv5 – Published: 2024-08-21 09:37 – Updated: 2024-08-23 13:04- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache SeaTunnel Web |
Affected:
1.0.0
(maven)
|
|
| apache_software_foundation | apache_seatunnel_web |
Affected:
1.0.0
cpe:2.3:a:apache_software_foundation:apache_seatunnel_web:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_seatunnel_web:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apache_seatunnel_web",
"vendor": "apache_software_foundation",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-49198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:09:43.236377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T13:13:52.118Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-21T14:03:03.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/08/21/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"product": "Apache SeaTunnel Web",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.0.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "jiahua huang"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mysql security vulnerability in Apache SeaTunnel.\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAttackers can read files on the MySQL server by modifying the information in the MySQL URL\u003cbr\u003e\u003cbr\u003e allowLoadLocalInfile=true\u0026amp;allowUrlInLocalInfile=true\u0026amp;allowLoadLocalInfileInPath=/\u0026amp;maxAllowedPacket=655360\u003c/span\u003e\u003c/tt\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache SeaTunnel: 1.0.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version [1.0.1], which fixes the issue.\u003c/p\u003e"
}
],
"value": "Mysql security vulnerability in Apache SeaTunnel.\n\nAttackers can read files on the MySQL server by modifying the information in the MySQL URL\n\n allowLoadLocalInfile=true\u0026allowUrlInLocalInfile=true\u0026allowLoadLocalInfileInPath=/\u0026maxAllowedPacket=655360\nThis issue affects Apache SeaTunnel: 1.0.0.\n\nUsers are recommended to upgrade to version [1.0.1], which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T13:04:21.616Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/48j9f1nsn037mgzc4j9o51nwglb1s08h"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache SeaTunnel Web: Arbitrary file read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-49198",
"datePublished": "2024-08-21T09:37:57.478Z",
"dateReserved": "2023-11-23T08:40:08.326Z",
"dateUpdated": "2024-08-23T13:04:21.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48710 (GCVE-0-2023-48710)
Vulnerability from cvelistv5 – Published: 2024-04-15 17:47 – Updated: 2024-08-02 21:37- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://github.com/Combodo/iTop/security/advisori… | x_refsource_CONFIRM |
| https://github.com/Combodo/iTop/commit/3b2da39469… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itop",
"vendor": "combodo",
"versions": [
{
"lessThan": "2.7.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.0.4",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:03:48.293598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T19:06:04.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc"
},
{
"name": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iTop",
"vendor": "Combodo",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.10"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.0, \u003c 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module. \n The `pages/exec.php` script as been fixed to limit execution of PHP files only. Other file types won\u0027t be retrieved and exposed. The vulnerability is fixed in 2.7.10, 3.0.4, 3.1.1, and 3.2.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T17:47:51.113Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-g652-q7cc-7hfc"
},
{
"name": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Combodo/iTop/commit/3b2da39469f7a4636ed250ed0d33f4efff38be26"
}
],
"source": {
"advisory": "GHSA-g652-q7cc-7hfc",
"discovery": "UNKNOWN"
},
"title": "iTop limit pages/exec.php script to PHP files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48710",
"datePublished": "2024-04-15T17:47:51.113Z",
"dateReserved": "2023-11-17T19:43:37.555Z",
"dateUpdated": "2024-08-02T21:37:54.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48661 (GCVE-0-2023-48661)
Vulnerability from cvelistv5 – Published: 2023-12-14 15:55 – Updated: 2024-08-02 21:37- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022042… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | vApp Manager |
Affected:
Versions prior to 9.2.4.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vApp Manager",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 9.2.4.x "
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dell Technologies would like to thank 33a6099 for reporting these issues. "
}
],
"datePublic": "2023-12-13T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.\u003c/span\u003e\n\n"
}
],
"value": "\nDell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T15:55:26.488Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-48661",
"datePublished": "2023-12-14T15:55:26.488Z",
"dateReserved": "2023-11-17T06:14:57.041Z",
"dateUpdated": "2024-08-02T21:37:54.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47612 (GCVE-0-2023-47612)
Vulnerability from cvelistv5 – Published: 2023-11-09 12:07 – Updated: 2024-09-04 13:47- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/2023/11… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Telit Cinterion | BGS5 | ||
| Telit Cinterion | EHS5 | ||
| Telit Cinterion | EHS6 | ||
| Telit Cinterion | EHS8 | ||
| Telit Cinterion | PDS5 | ||
| Telit Cinterion | PDS6 | ||
| Telit Cinterion | PDS8 | ||
| Telit Cinterion | ELS61 | ||
| Telit Cinterion | ELS81 | ||
| Telit Cinterion | PLS62 | ||
| telit_cinterion | bgs5 |
Affected:
bgs5
cpe:2.3:a:telit_cinterion:bgs5:*:*:*:*:*:*:*:* |
|
| telit_cinterion | ehs5 |
Affected:
ehs5
cpe:2.3:a:telit_cinterion:ehs5:*:*:*:*:*:*:*:* |
|
| telit_cinterion | ehs6 |
Affected:
ehs6
cpe:2.3:a:telit_cinterion:ehs6:*:*:*:*:*:*:*:* |
|
| telit_cinterion | ehs8 |
Affected:
ehs8
cpe:2.3:a:telit_cinterion:ehs8:*:*:*:*:*:*:*:* |
|
| telit_cinterion | pds5 |
Affected:
pds5
cpe:2.3:a:telit_cinterion:pds5:*:*:*:*:*:*:*:* |
|
| telit_cinterion | pds6 |
Affected:
pds6
cpe:2.3:a:telit_cinterion:pds6:pds6:*:*:*:*:*:*:* |
|
| telit_cinterion | pds8 |
Affected:
pds8
cpe:2.3:a:telit_cinterion:pds8:*:*:*:*:*:*:*:* |
|
| telit_cinterion | els61 |
Affected:
els61
cpe:2.3:a:telit_cinterion:els61:*:*:*:*:*:*:*:* |
|
| telit_cinterion | els81 |
Affected:
els81
cpe:2.3:a:telit_cinterion:els81:*:*:*:*:*:*:*:* |
|
| telit_cinterion | pls62 |
Affected:
pls62
cpe:2.3:a:telit_cinterion:pls62:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "KLCERT-22-194: Telit Cinterion (Thales/Gemalto) modules. Files or Directories Accessible to External Parties vulnerability",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:telit_cinterion:bgs5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bgs5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "bgs5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs6:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs6",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs6"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:ehs8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ehs8",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "ehs8"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds5:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds5",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds5"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds6:pds6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds6",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds6"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pds8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pds8",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pds8"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:els61:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "els61",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "els61"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:els81:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "els81",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "els81"
}
]
},
{
"cpes": [
"cpe:2.3:a:telit_cinterion:pls62:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pls62",
"vendor": "telit_cinterion",
"versions": [
{
"status": "affected",
"version": "pls62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T13:32:02.787633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T13:47:01.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "BGS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS6",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "EHS8",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS5",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS6",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PDS8",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "ELS61",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "ELS81",
"vendor": "Telit Cinterion"
},
{
"defaultStatus": "affected",
"product": "PLS62",
"vendor": "Telit Cinterion"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexander Kozlov from Kaspersky"
},
{
"lang": "en",
"type": "finder",
"value": "Sergey Anufrienko from Kaspersky"
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-09T17:12:52.926Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"name": "KLCERT-22-194: Telit Cinterion (Thales/Gemalto) modules. Files or Directories Accessible to External Parties vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-02-21T12:45:00.000Z",
"value": "Issue discovered by Kaspersky ICS CERT"
},
{
"lang": "en",
"time": "2023-04-27T15:56:00.000Z",
"value": "Confirmed by Telit Cinterion"
}
],
"workarounds": [
{
"lang": "en",
"value": "Control physical access to the device at all stages of transportation to protect against the embedding of backdoors."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2023-47612",
"datePublished": "2023-11-09T12:07:54.815Z",
"dateReserved": "2023-11-07T10:06:48.689Z",
"dateUpdated": "2024-09-04T13:47:01.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45594 (GCVE-0-2023-45594)
Vulnerability from cvelistv5 – Published: 2024-03-05 11:28 – Updated: 2024-08-12 17:31- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| AiLux | imx6 bundle |
Affected:
0 , < 1.0.7-2
(semver)
|
|
| ailux | imx6_bundle |
Affected:
0 , < 1.0.7-2
(semver)
cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:21:16.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45594"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "imx6_bundle",
"vendor": "ailux",
"versions": [
{
"lessThan": "1.0.7-2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T16:07:31.819294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T17:31:54.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "imx6 bundle",
"vendor": "AiLux",
"versions": [
{
"lessThan": "1.0.7-2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A CWE-552 \u201cFiles or Directories Accessible to External Parties\u201d vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download/upload files to/from the file system, with unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
}
],
"value": "A CWE-552 \u201cFiles or Directories Accessible to External Parties\u201d vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download/upload files to/from the file system, with unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
}
],
"impacts": [
{
"capecId": "CAPEC-17",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-17 Using Malicious Files"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-05T11:28:38.333Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45594"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2023-45594",
"datePublished": "2024-03-05T11:28:38.333Z",
"dateReserved": "2023-10-09T08:26:54.316Z",
"dateUpdated": "2024-08-12T17:31:54.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45160 (GCVE-0-2023-45160)
Vulnerability from cvelistv5 – Published: 2023-10-05 15:12 – Updated: 2025-06-18 18:41- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://www.teamviewer.com/en/resources/trust-cen… | |
| https://www.1e.com/trust-security-compliance/cve-info/ | x_transferred |
| https://1e.my.site.com/s/ | x_transferred |
| https://www.1e.com/vulnerability-disclosure-policy/ | x_transferred |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:19.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.1e.com/trust-security-compliance/cve-info/"
},
{
"tags": [
"x_transferred"
],
"url": "https://1e.my.site.com/s/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.1e.com/vulnerability-disclosure-policy/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45160",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T19:08:13.221319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T19:08:24.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "1E Client",
"vendor": "1E",
"versions": [
{
"lessThanOrEqual": "8.1.2.62",
"status": "affected",
"version": "0",
"versionType": "Q23094"
},
{
"lessThanOrEqual": "8.4.1.159",
"status": "affected",
"version": "0",
"versionType": "Q23094"
},
{
"lessThanOrEqual": "9.0.1.88",
"status": "affected",
"version": "0",
"versionType": "Q23094"
},
{
"lessThanOrEqual": "23.7.1.151",
"status": "affected",
"version": "0",
"versionType": "Q23094"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In the affected version of the 1E Client, an o\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erdinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client\u0027s temporary directory is now locked down in the released patch.\u003cbr\u003e\u003cbr\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eResolution: This has been fixed in patch Q23094\u0026nbsp;\u003cbr\u003e\u003cbr\u003eThis issue has also been fixed in the Mac Client in updated versions of Non-Windows release v8.1.2.62 - please re-download from the 1E Support site. \u003cbr\u003e\u003cbr\u003eCustomers with Mac Client versions higher than v8.1 will need to upgrade to v23.11 to remediate this vulnerability.\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client\u0027s temporary directory is now locked down in the released patch.\n\n\n\nResolution: This has been fixed in patch Q23094\u00a0\n\nThis issue has also been fixed in the Mac Client in updated versions of Non-Windows release v8.1.2.62 - please re-download from the 1E Support site. \n\nCustomers with Mac Client versions higher than v8.1 will need to upgrade to v23.11 to remediate this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-177",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-177 Create files with the same name as files protected with a higher classification"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T18:41:01.614Z",
"orgId": "4a68d2b9-b68a-4765-95bd-17f35092666b",
"shortName": "1E"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/1e-2023-2002/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elevated Temp Directory Execution in 1E Client",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a68d2b9-b68a-4765-95bd-17f35092666b",
"assignerShortName": "1E",
"cveId": "CVE-2023-45160",
"datePublished": "2023-10-05T15:12:20.743Z",
"dateReserved": "2023-10-04T23:59:54.078Z",
"dateUpdated": "2025-06-18T18:41:01.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41916 (GCVE-0-2023-41916)
Vulnerability from cvelistv5 – Published: 2024-07-15 07:53 – Updated: 2025-03-14 15:16- CWE-552 - Files or Directories Accessible to External Parties
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Linkis DataSource |
Affected:
1.4.0 , < 1.5.0
(maven)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T15:17:30.681890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T15:16:15.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-13T17:03:55.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/13/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.linkis:linkis-metadata-query-service-jdbc",
"product": "Apache Linkis DataSource",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.5.0",
"status": "affected",
"version": "1.4.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Pho3n1x "
},
{
"lang": "en",
"type": "reporter",
"value": " L0ne1y"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003earbitrary file reading\u003c/span\u003e. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected.\u0026nbsp;\u003cbr\u003eWe recommend users upgrade the version of Linkis to version 1.5.0.\n\n\u003cbr\u003e\n\n"
}
],
"value": "\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger\u00a0arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected.\u00a0\nWe recommend users upgrade the version of Linkis to version 1.5.0.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T07:53:57.843Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-41916",
"datePublished": "2024-07-15T07:53:57.843Z",
"dateReserved": "2023-09-05T07:51:39.686Z",
"dateUpdated": "2025-03-14T15:16:15.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39545 (GCVE-0-2023-39545)
Vulnerability from cvelistv5 – Published: 2023-11-17 05:30 – Updated: 2024-08-29 14:31- CWE-552 - Files or directories accessible to external parties
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | CLUSTERPRO X (EXPRESSCLUSTER X) |
Affected:
1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1
|
|
| NEC Corporation | CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe) |
Affected:
1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T14:29:22.540390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:31:29.147Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CLUSTERPRO X (EXPRESSCLUSTER X)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1"
}
]
},
{
"product": "CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mr. David Levard in Videotron."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\u003c/p\u003e"
}
],
"value": "CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or directories accessible to external parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T11:49:21.575Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2023-39545",
"datePublished": "2023-11-17T05:30:10.859Z",
"dateReserved": "2023-08-04T07:22:19.322Z",
"dateUpdated": "2024-08-29T14:31:29.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39480 (GCVE-0-2023-39480)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Softing | Secure Integration Server |
Affected:
1.22.0.8686
|
|
| softing | secure_integration_server |
Affected:
1.22.0.8686
cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_integration_server",
"vendor": "softing",
"versions": [
{
"status": "affected",
"version": "1.22.0.8686"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T15:29:33.855719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T15:42:02.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1062",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Secure Integration Server",
"vendor": "Softing",
"versions": [
{
"status": "affected",
"version": "1.22.0.8686"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.526Z",
"datePublic": "2023-08-09T18:04:40.922Z",
"descriptions": [
{
"lang": "en",
"value": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20549."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:45.099Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1062",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39480",
"datePublished": "2024-05-03T02:10:45.099Z",
"dateReserved": "2023-08-02T21:37:23.125Z",
"dateUpdated": "2024-08-02T18:10:20.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39479 (GCVE-0-2023-39479)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10- CWE-552 - Files or Directories Accessible to External Parties
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Softing | Secure Integration Server |
Affected:
1.22.0.8686
|
|
| softing | secure_integration_server |
Affected:
1.22.0.8686
cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_integration_server",
"vendor": "softing",
"versions": [
{
"status": "affected",
"version": "1.22.0.8686"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T15:40:12.735732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:01.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1061",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Secure Integration Server",
"vendor": "Softing",
"versions": [
{
"status": "affected",
"version": "1.22.0.8686"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.520Z",
"datePublic": "2023-08-09T18:04:34.926Z",
"descriptions": [
{
"lang": "en",
"value": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20548."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:44.345Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1061",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39479",
"datePublished": "2024-05-03T02:10:44.345Z",
"dateReserved": "2023-08-02T21:37:23.125Z",
"dateUpdated": "2024-08-02T18:10:20.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.