CWE-807
AllowedReliance on Untrusted Inputs in a Security Decision
Abstraction: Base · Status: Incomplete
The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
145 vulnerabilities reference this CWE, most recent first.
CVE-2024-52327 (GCVE-0-2024-52327)
Vulnerability from cvelistv5 – Published: 2025-01-23 16:39 – Updated: 2025-02-12 20:41| Vendor | Product | Version | |
|---|---|---|---|
| ECOVACS | ECOVACS HOME |
Affected:
0 , < 3.0.2
(custom)
Unaffected: 3.0.2 |
|
| ECOVACS | cloud service |
Affected:
0 , < 2024-12-17
(custom)
Unaffected: 2024-12-17 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52327",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:53:52.437051Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:28.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ECOVACS HOME",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "3.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.0.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "cloud service",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "2024-12-17",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2024-12-17"
}
]
}
],
"datePublic": "2023-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-603",
"description": "CWE-603 Use of Client-Side Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T16:39:27.516Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"name": "url",
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217002"
}
],
"title": "ECOVACS lawnmower and vacuum cloud service live video PIN bypass"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52327",
"datePublished": "2025-01-23T16:39:27.516Z",
"dateReserved": "2024-11-08T01:06:02.404Z",
"dateUpdated": "2025-02-12T20:41:28.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51561 (GCVE-0-2024-51561)
Vulnerability from cvelistv5 – Published: 2024-11-04 12:29 – Updated: 2024-11-04 14:59- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://www.cert-in.org.in/s2cMainServlet?pageid=… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Brokerage Technology Solutions | Aero |
Affected:
<120820241550
|
|
| brokeragetechnologysolutions | aero |
Affected:
0 , < 120820241550
(custom)
cpe:2.3:a:brokeragetechnologysolutions:aero:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:brokeragetechnologysolutions:aero:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "aero",
"vendor": "brokeragetechnologysolutions",
"versions": [
{
"lessThan": "120820241550",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51561",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T14:55:43.154192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:59:07.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Aero",
"vendor": "Brokerage Technology Solutions",
"versions": [
{
"status": "affected",
"version": "\u003c120820241550"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability is reported by Mohit Gadiya."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting and manipulating the responses exchanged during the second factor authentication process. \u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to bypass OTP verification for accessing other user accounts."
}
],
"value": "This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting and manipulating the responses exchanged during the second factor authentication process. \n\nSuccessful exploitation of this vulnerability could allow the attacker to bypass OTP verification for accessing other user accounts."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T12:29:20.563Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0332"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Aero to version 120820241550 \u003cbr\u003e"
}
],
"value": "Upgrade Aero to version 120820241550"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication bypass Vulnerability in Aero",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2024-51561",
"datePublished": "2024-11-04T12:29:20.563Z",
"dateReserved": "2024-10-29T12:55:06.456Z",
"dateUpdated": "2024-11-04T14:59:07.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47254 (GCVE-0-2024-47254)
Vulnerability from cvelistv5 – Published: 2024-11-05 09:13 – Updated: 2026-01-09 13:31- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| 2N | 2N Access Commander |
Affected:
<=3.1.1.2
|
|
| 2n | access_commander |
Affected:
0 , ≤ 3.1.1.2
(custom)
cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "access_commander",
"vendor": "2n",
"versions": [
{
"lessThanOrEqual": "3.1.1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47254",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-05T14:55:14.974689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T14:55:19.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "2N Access Commander",
"vendor": "2N",
"versions": [
{
"status": "affected",
"version": "\u003c=3.1.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient \nVerification of Data Authenticity vulnerability could allow an attacker \nto escalate their privileges and gain root access to the system.\n\n\u003cbr\u003e"
}
],
"value": "In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient \nVerification of Data Authenticity vulnerability could allow an attacker \nto escalate their privileges and gain root access to the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T13:31:31.984Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.2n.com/en-GB/download/Access-Commander-Security-Advisory-2024-11"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47254",
"datePublished": "2024-11-05T09:13:08.132Z",
"dateReserved": "2024-09-23T16:37:50.255Z",
"dateUpdated": "2026-01-09T13:31:31.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-45654 (GCVE-0-2024-45654)
Vulnerability from cvelistv5 – Published: 2025-01-19 02:19 – Updated: 2025-01-27 21:06- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Security ReaQta |
Affected:
3.12
cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T20:29:36.407640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T21:06:49.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Security ReaQta",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs."
}
],
"value": "IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-19T02:19:11.978Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7175072"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Security ReaQta improper input validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-45654",
"datePublished": "2025-01-19T02:19:11.978Z",
"dateReserved": "2024-09-03T13:50:26.296Z",
"dateUpdated": "2025-01-27T21:06:49.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29039 (GCVE-0-2024-29039)
Vulnerability from cvelistv5 – Published: 2024-06-28 15:48 – Updated: 2025-11-04 17:19- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| tpm2-software | tpm2-tools |
Affected:
< 5.7
|
|
| tpm2_software | tpm2_tools |
Affected:
5.7
cpe:2.3:a:tpm2_software:tpm2_tools:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tpm2_software:tpm2_tools:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tpm2_tools",
"vendor": "tpm2_software",
"versions": [
{
"status": "affected",
"version": "5.7"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29039",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T19:46:09.080274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:50:27.367Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:19:47.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6"
},
{
"name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GI4JFEZBKQQUPJ4RWK6IHEWXAFCEJDPI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFR7SVEWCOXORHPCLLGXEMHFMIGG2MFE/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tpm2-tools",
"vendor": "tpm2-software",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T15:48:25.623Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6"
},
{
"name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
}
],
"source": {
"advisory": "GHSA-8rjm-5f5f-h4q6",
"discovery": "UNKNOWN"
},
"title": "Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29039",
"datePublished": "2024-06-28T15:48:25.623Z",
"dateReserved": "2024-03-14T16:59:47.613Z",
"dateUpdated": "2025-11-04T17:19:47.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28829 (GCVE-0-2024-28829)
Vulnerability from cvelistv5 – Published: 2024-08-20 09:29 – Updated: 2024-08-21 19:37| URL | Tags |
|---|---|
| https://checkmk.com/werk/16249 |
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.3.0 , < 2.3.0p12
(semver)
Affected: 2.2.0 , < 2.2.0p32 (semver) Affected: 2.1.0 , < 2.1.0p47 (semver) Affected: 2.0.0 , ≤ 2.0.0p39 (semver) |
|
| checkmk | checkmk |
Affected:
2.3.0 , < 2.3.0p12
(custom)
Affected: 2.2.0 , < 2.2.0p32 (custom) Affected: 2.1.0 , < 2.1.0p47 (custom) Affected: 2.0.0 , ≤ 2.0.0p39 (custom) cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "checkmk",
"vendor": "checkmk",
"versions": [
{
"lessThan": "2.3.0p12",
"status": "affected",
"version": "2.3.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0p32",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0p47",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28829",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T19:30:50.880166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T19:37:32.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.3.0p12",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThan": "2.2.0p32",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p47",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-272",
"description": "CWE-272: Least Privilege Violation",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T09:29:26.474Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/16249"
}
],
"title": "Privilege escalation in mk_informix plugin"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Checkmk",
"cveId": "CVE-2024-28829",
"datePublished": "2024-08-20T09:29:26.474Z",
"dateReserved": "2024-03-11T13:21:43.122Z",
"dateUpdated": "2024-08-21T19:37:32.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28824 (GCVE-0-2024-28824)
Vulnerability from cvelistv5 – Published: 2024-03-22 10:26 – Updated: 2024-08-02 00:56| URL | Tags |
|---|---|
| https://checkmk.com/werk/16198 |
| Vendor | Product | Version | |
|---|---|---|---|
| Checkmk GmbH | Checkmk |
Affected:
2.3.0 , < 2.3.0b4
(semver)
Affected: 2.2.0 , < 2.2.0p24 (semver) Affected: 2.1.0 , < 2.1.0p41 (semver) Affected: 2.0.0 , ≤ 2.0.0p39 (semver) |
|
| tribe29 | checkmk |
Affected:
2.1.0 , < 2.1.0p41
(custom)
Affected: 2.2.0 , < 2.2.0p24 (custom) cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:* cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:* |
|
| tribe29 | checkmk |
Affected:
2.3.0 , < 2.3.0b4
(custom)
cpe:2.3:a:tribe29:checkmk:2.3.0:*:*:*:*:*:*:* |
|
| tribe29 | checkmk |
Affected:
2.0.0 , ≤ *
(custom)
cpe:2.3:a:tribe29:checkmk:2.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
"cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "checkmk",
"vendor": "tribe29",
"versions": [
{
"lessThan": "2.1.0p41",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.0p24",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tribe29:checkmk:2.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "checkmk",
"vendor": "tribe29",
"versions": [
{
"lessThan": "2.3.0b4",
"status": "affected",
"version": "2.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tribe29:checkmk:2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "checkmk",
"vendor": "tribe29",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-22T14:58:33.907195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T22:58:54.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://checkmk.com/werk/16198"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.3.0b4",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"lessThan": "2.2.0p24",
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"lessThan": "2.1.0p41",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.0p39",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-272",
"description": "CWE-272: Least Privilege Violation",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-22T10:26:35.280Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/16198"
}
],
"title": "Privilege escalation in mk_informix plugin"
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Checkmk",
"cveId": "CVE-2024-28824",
"datePublished": "2024-03-22T10:26:35.280Z",
"dateReserved": "2024-03-11T13:21:43.122Z",
"dateUpdated": "2024-08-02T00:56:58.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13974 (GCVE-0-2024-13974)
Vulnerability from cvelistv5 – Published: 2025-07-21 13:34 – Updated: 2025-07-21 15:00- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| Sophos | Sophos Firewall |
Affected:
0 , < 21.0 MR1 (21.0.1)
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13974",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T15:00:43.012301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T15:00:59.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"lessThan": "21.0 MR1 (21.0.1)",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The UK\u0027s National Cyber Security Centre (NCSC)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall\u2019s DNS environment to achieve remote code execution.\u003c/p\u003e"
}
],
"value": "A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall\u2019s DNS environment to achieve remote code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-598",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-598 DNS Spoofing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T13:36:16.384Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2024-13974",
"datePublished": "2025-07-21T13:34:11.656Z",
"dateReserved": "2025-07-14T09:51:15.265Z",
"dateUpdated": "2025-07-21T15:00:59.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11146 (GCVE-0-2024-11146)
Vulnerability from cvelistv5 – Published: 2025-01-17 05:21 – Updated: 2025-02-28 18:01 Exclusively Hosted Service| Vendor | Product | Version | |
|---|---|---|---|
| i3 Verticals | TrueFiling |
Affected:
0 , < 3.1.112.19
(custom)
Unaffected: 3.1.112.19 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T13:43:44.401861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T17:07:00.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "TrueFiling",
"vendor": "i3 Verticals",
"versions": [
{
"lessThan": "3.1.112.19",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.1.112.19"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alison Breacher"
}
],
"datePublic": "2025-01-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some client-controlled identifiers passed in URL requests to retrieve information. Platform users must self-register for an account, and once authenticated, could manipulate those identifiers to gain partial access to case information and the ability to partially change user access to case information. This vulnerability was addressed in version 3.1.112.19 and all instances were updated by 2024-11-08."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/V:D/RE:L",
"version": "4.0"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-11146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T04:58:23.380042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T18:01:30.397Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2024/va-25-017-01.json"
},
{
"name": "url",
"url": "https://infosec.exchange/@abreacher"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "TrueFiling authorization bypass via user-controlled keys"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-11146",
"datePublished": "2025-01-17T05:21:15.264Z",
"dateReserved": "2024-11-12T15:39:05.410Z",
"dateUpdated": "2025-02-28T18:01:30.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9310 (GCVE-0-2024-9310)
Vulnerability from cvelistv5 – Published: 2025-01-22 18:41 – Updated: 2025-02-12 20:41- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
| Vendor | Product | Version | |
|---|---|---|---|
| Traffic Alert and Collision Avoidance System (TCAS) II | Collision Avoidance Systems |
Affected:
7.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T19:14:28.005852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:24.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Collision Avoidance Systems",
"vendor": "Traffic Alert and Collision Avoidance System (TCAS) II",
"versions": [
{
"status": "affected",
"version": "7.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Giacomo Longo and Enrico Russo of Genova University reported these vulnerabilities to CISA. Martin Strohmeier and Vincent Lenders of armasuisse reported these vulnerabilities to CISA. Alessio Merlo of Centre for High Defense Studies reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBy utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories (RAs).\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories (RAs)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T18:41:09.294Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Traffic Alert and Collision Avoidance System (TCAS) II has a Reliance on Untrusted Inputs in a Security Decision vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAfter consulting with the Federal Aviation Administration (FAA) and the researchers regarding these vulnerabilities, it has been concluded that CVE-2024-11166 can be fully mitigated by upgrading to ACAS X or by upgrading the associated transponder to comply with RTCA DO-181F.\u003c/p\u003e\u003cp\u003eCurrently, there is no mitigation available for CWE-2024-9310.\u003c/p\u003e\u003cp\u003eThese vulnerabilities in the TCAS II standard are exploitable in a lab environment. However, they require very specific conditions to be met and are unlikely to be exploited outside of a lab setting.\u003c/p\u003e\u003cp\u003eOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\u003c/p\u003e\u003cp\u003eNo known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely. These vulnerabilities have a high attack complexity.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "After consulting with the Federal Aviation Administration (FAA) and the researchers regarding these vulnerabilities, it has been concluded that CVE-2024-11166 can be fully mitigated by upgrading to ACAS X or by upgrading the associated transponder to comply with RTCA DO-181F.\n\nCurrently, there is no mitigation available for CWE-2024-9310.\n\nThese vulnerabilities in the TCAS II standard are exploitable in a lab environment. However, they require very specific conditions to be met and are unlikely to be exploited outside of a lab setting.\n\nOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely. These vulnerabilities have a high attack complexity."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-9310",
"datePublished": "2025-01-22T18:41:09.294Z",
"dateReserved": "2024-09-27T22:45:50.842Z",
"dateUpdated": "2025-02-12T20:41:24.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-14
Strategy: Attack Surface Reduction
- Store state information and sensitive data on the server side only.
- Ensure that the system definitively and unambiguously keeps track of its own state and user state and has rules defined for legitimate state transitions. Do not allow any application user to affect state directly in any way other than through legitimate actions leading to state transitions.
- If information must be stored on the client, do not do so without encryption and integrity checking, or otherwise having a mechanism on the server side to catch tampering. Use a message authentication code (MAC) algorithm, such as Hash Message Authentication Code (HMAC) [REF-529]. Apply this against the state or sensitive data that has to be exposed, which can guarantee the integrity of the data - i.e., that the data has not been modified. Ensure that a strong hash function is used (CWE-328).
Mitigation MIT-4.2
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- With a stateless protocol such as HTTP, use a framework that maintains the state for you.
- Examples include ASP.NET View State [REF-756] and the OWASP ESAPI Session Management feature [REF-45].
- Be careful of language features that provide state support, since these might be provided as a convenience to the programmer and may not be considering security.
Mitigation MIT-15
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Mitigation MIT-16
Strategy: Environment Hardening
When using PHP, configure the application so that it does not use register_globals. During implementation, develop the application so that it does not rely on this feature, but be wary of implementing a register_globals emulation that is subject to weaknesses such as CWE-95, CWE-621, and similar issues.
Mitigation MIT-6
Strategy: Attack Surface Reduction
- Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, filenames, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.
- Identify all inputs that are used for security decisions and determine if you can modify the design so that you do not have to rely on submitted inputs at all. For example, you may be able to keep critical information about the user's session on the server side instead of recording it within external data.
No CAPEC attack patterns related to this CWE.