Vulnerabilites related to siemens - sinec_ins
cve-2021-4160
Vulnerability from cvelistv5
Published
2022-01-28 21:28
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-4160", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-24T15:29:13.671400Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-24T15:29:25.029Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T17:16:04.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220128.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { name: "DSA-5103", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.1 (Affected 3.0.0)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb)", }, ], }, ], credits: [ { lang: "en", value: "Bernd Edlinger", }, ], datePublic: "2022-01-28T00:00:00", descriptions: [ { lang: "en", value: "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "carry-propagating bug", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:06.907595", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220128.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { name: "DSA-5103", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "BN_mod_exp may produce incorrect results on MIPS", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-4160", datePublished: "2022-01-28T21:28:41.076292Z", dateReserved: "2021-12-23T00:00:00", dateUpdated: "2024-09-16T23:51:52.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25220
Vulnerability from cvelistv5
Published
2022-03-23 12:50
Modified
2024-09-16 17:08
Severity ?
EPSS score ?
Summary
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ISC | BIND |
Version: Open Source Branch 9.11 9.11.0 through versions before 9.11.37 Version: Development Branch 9.17 BIND 9.17 all version Version: Open Source Branch 9.12-16 9.12.0 through versions before 9.16.27 Version: Open Source Branch 9.18 9.18.0 Version: Supported Preview Branch 9.11-S 9.11.0-S through versions before 9.11.37-S Version: Supported Preview Branch 9.16-S 9.16.0-S through versions before 9.16.27-S |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.083Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://kb.isc.org/v1/docs/cve-2021-25220", }, { name: "FEDORA-2022-14e36aac0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { name: "FEDORA-2022-042d9c6146", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { name: "FEDORA-2022-a88218de5c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/", }, { name: "FEDORA-2022-05918f0838", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/", }, { name: "FEDORA-2022-3f293290c3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-25", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-25", }, { tags: [ "x_transferred", ], url: "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIND", vendor: "ISC", versions: [ { status: "affected", version: "Open Source Branch 9.11 9.11.0 through versions before 9.11.37", }, { status: "affected", version: "Development Branch 9.17 BIND 9.17 all version", }, { status: "affected", version: "Open Source Branch 9.12-16 9.12.0 through versions before 9.16.27", }, { status: "affected", version: "Open Source Branch 9.18 9.18.0", }, { status: "affected", version: "Supported Preview Branch 9.11-S 9.11.0-S through versions before 9.11.37-S", }, { status: "affected", version: "Supported Preview Branch 9.16-S 9.16.0-S through versions before 9.16.27-S", }, ], }, ], credits: [ { lang: "en", value: "ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from Network and Information Security Lab, Tsinghua University and Changgen Zou from Qi An Xin Group Corp. for discovering and reporting this issue.", }, ], datePublic: "2022-03-16T00:00:00", descriptions: [ { lang: "en", value: "BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "When using forwarders, bogus NS records supplied by, or via, those forwarders may be cached and used by named if it needs to recurse for any reason, causing it to obtain and pass on potentially incorrect answers. Some examples of configurations that will be vulnerable are: Resolvers using per zone or global forwarding with forward first (forward first is the default). Resolvers not using global forwarding, but with per-zone forwarding with either forward first (the default) or forward only. Resolvers configured with global forwarding along with zone statements that disable forwarding for part of the DNS namespace. Authoritative-only BIND 9 servers are not vulnerable to this flaw. BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-23T00:00:00", orgId: "404fd4d2-a609-4245-b543-2c944a302a22", shortName: "isc", }, references: [ { url: "https://kb.isc.org/v1/docs/cve-2021-25220", }, { name: "FEDORA-2022-14e36aac0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { name: "FEDORA-2022-042d9c6146", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/", }, { url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { name: "FEDORA-2022-a88218de5c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/", }, { name: "FEDORA-2022-05918f0838", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/", }, { name: "FEDORA-2022-3f293290c3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-25", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, { url: "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US", }, ], solutions: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of BIND:\n BIND 9.11.37\n BIND 9.16.27\n BIND 9.18.1\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n BIND 9.11.37-S1\n BIND 9.16.27-S1", }, ], source: { discovery: "EXTERNAL", }, title: "DNS forwarders - cache poisoning vulnerability", workarounds: [ { lang: "en", value: "If applicable, modify your configuration to either remove all forwarding or all possibility of recursion. Depending on your use-case, it may be possible to use other zone types to replace forward zones.\nActive exploits: We are not aware of any active exploits.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22", assignerShortName: "isc", cveId: "CVE-2021-25220", datePublished: "2022-03-23T12:50:10.367480Z", dateReserved: "2021-01-15T00:00:00", dateUpdated: "2024-09-16T17:08:54.143Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12762
Vulnerability from cvelistv5
Published
2020-05-09 00:00
Modified
2024-08-04 12:04
Severity ?
EPSS score ?
Summary
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:04:22.874Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/json-c/json-c/pull/592", }, { tags: [ "x_transferred", ], url: "https://github.com/rsyslog/libfastjson/issues/161", }, { name: "FEDORA-2020-63c6f4ab1d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/", }, { name: "USN-4360-1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://usn.ubuntu.com/4360-1/", }, { name: "FEDORA-2020-847ad856ab", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/", }, { name: "FEDORA-2020-7eb7eac270", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/", }, { name: "[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-1] json-c security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html", }, { name: "[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-2] json-c regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html", }, { name: "USN-4360-4", tags: [ "vendor-advisory", "x_transferred", ], url: "https://usn.ubuntu.com/4360-4/", }, { name: "GLSA-202006-13", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-13", }, { name: "[debian-lts-announce] 20200730 [SECURITY] [DLA 2301-1] json-c security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html", }, { name: "DSA-4741", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4741", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210521-0001/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "[debian-lts-announce] 20230620 [SECURITY] [DLA 3461-1] libfastjson security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-20T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/json-c/json-c/pull/592", }, { url: "https://github.com/rsyslog/libfastjson/issues/161", }, { name: "FEDORA-2020-63c6f4ab1d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/", }, { name: "USN-4360-1", tags: [ "vendor-advisory", ], url: "https://usn.ubuntu.com/4360-1/", }, { name: "FEDORA-2020-847ad856ab", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/", }, { name: "FEDORA-2020-7eb7eac270", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/", }, { name: "[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-1] json-c security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html", }, { name: "[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-2] json-c regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html", }, { name: "USN-4360-4", tags: [ "vendor-advisory", ], url: "https://usn.ubuntu.com/4360-4/", }, { name: "GLSA-202006-13", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202006-13", }, { name: "[debian-lts-announce] 20200730 [SECURITY] [DLA 2301-1] json-c security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html", }, { name: "DSA-4741", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2020/dsa-4741", }, { url: "https://security.netapp.com/advisory/ntap-20210521-0001/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "[debian-lts-announce] 20230620 [SECURITY] [DLA 3461-1] libfastjson security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12762", datePublished: "2020-05-09T00:00:00", dateReserved: "2020-05-09T00:00:00", dateUpdated: "2024-08-04T12:04:22.874Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23337
Vulnerability from cvelistv5
Published
2021-02-15 12:15
Modified
2024-09-16 19:15
Severity ?
EPSS score ?
Summary
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://snyk.io/vuln/SNYK-JS-LODASH-1040724 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932 | x_refsource_MISC | |
| https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851 | x_refsource_MISC | |
| https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210312-0006/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:05:55.700Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Lodash", vendor: "n/a", versions: [ { status: "affected", version: "prior to 4.17.21", }, ], }, ], credits: [ { lang: "en", value: "Marc Hassan", }, ], datePublic: "2021-02-15T00:00:00", descriptions: [ { lang: "en", value: "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "HIGH", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 6.8, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Command Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:34", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "Command Injection", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-02-15T12:13:18.729628Z", ID: "CVE-2021-23337", STATE: "PUBLIC", TITLE: "Command Injection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Lodash", version: { version_data: [ { version_value: "prior to 4.17.21", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Marc Hassan", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Command Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", }, { name: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", refsource: "MISC", url: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { name: "https://security.netapp.com/advisory/ntap-20210312-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2021-23337", datePublished: "2021-02-15T12:15:14.715164Z", dateReserved: "2021-01-08T00:00:00", dateUpdated: "2024-09-16T19:15:17.074Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48431
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:30:35.087Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427).", }, ], metrics: [ { cvssV3_1: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-754", description: "CWE-754: Improper Check for Unusual or Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:27:23.326Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48431", datePublished: "2023-12-12T11:27:23.326Z", dateReserved: "2023-11-16T16:30:40.850Z", dateUpdated: "2024-08-02T21:30:35.087Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46890
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-12 14:28
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:sinec_ins:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sinec_ins", vendor: "seimens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-46890", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T14:26:52.518770Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T14:28:21.227Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 9.4, baseSeverity: "CRITICAL", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T12:49:41.829Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-46890", datePublished: "2024-11-12T12:49:41.829Z", dateReserved: "2024-09-12T11:24:19.243Z", dateUpdated: "2024-11-12T14:28:21.227Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48428
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:30:34.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:27:19.590Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48428", datePublished: "2023-12-12T11:27:19.590Z", dateReserved: "2023-11-16T16:30:40.849Z", dateUpdated: "2024-08-02T21:30:34.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7793
Vulnerability from cvelistv5
Published
2020-12-11 13:25
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
References
| ▼ | URL | Tags |
|---|---|---|
| https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387 | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388 | x_refsource_MISC | |
| https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18 | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ua-parser-js |
Version: unspecified < 0.7.23 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:41:01.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ua-parser-js", vendor: "n/a", versions: [ { lessThan: "0.7.23", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Yeting Li", }, { lang: "en", value: "Miguel de Moura", }, ], datePublic: "2020-12-11T00:00:00", descriptions: [ { lang: "en", value: "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 6.7, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Regular Expression Denial of Service (ReDoS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:19", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "Regular Expression Denial of Service (ReDoS)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2020-12-11T13:20:48.750609Z", ID: "CVE-2020-7793", STATE: "PUBLIC", TITLE: "Regular Expression Denial of Service (ReDoS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ua-parser-js", version: { version_data: [ { version_affected: "<", version_value: "0.7.23", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Yeting Li", }, { lang: "eng", value: "Miguel de Moura", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Regular Expression Denial of Service (ReDoS)", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", }, { name: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", refsource: "MISC", url: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2020-7793", datePublished: "2020-12-11T13:25:17.521640Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T22:45:09.822Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2097
Vulnerability from cvelistv5
Published
2022-07-05 10:30
Modified
2024-09-17 01:06
Severity ?
EPSS score ?
Summary
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220705.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { name: "FEDORA-2022-3fdc2d3047", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { name: "FEDORA-2022-89a17be281", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5343", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { name: "[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "openssl", vendor: "openssl", versions: [ { lessThan: "1.1.1q", status: "affected", version: "1.1.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:openssl:openssl:3.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "openssl", vendor: "openssl", versions: [ { lessThan: "3.0.5", status: "affected", version: "3.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:netapp:ontap_antivirus_connector:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ontap_antivirus_connector", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ontap_select_deploy_administration_utility", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fedora", vendor: "fedoraproject", versions: [ { status: "affected", version: "35", }, { status: "affected", version: "36", }, ], }, { cpes: [ "cpe:2.3:a:netapp:active_iq_unified_manager_for_vmware_vsphere:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "active_iq_unified_manager_for_vmware_vsphere", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "hci_baseboard_management_controller", vendor: "netapp", versions: [ { status: "affected", version: "h300s", }, { status: "affected", version: "h410c", }, { status: "affected", version: "h410s", }, { status: "affected", version: "h500s", }, { status: "affected", version: "h700s", }, ], }, { cpes: [ "cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "brocade_fabric_operating_system_firmware", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "snapcenter", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "oncommand_insight", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:smi-s_provider:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "smi-s_provider", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sinec_ins", vendor: "siemens", versions: [ { lessThan: "1.0_sp2_update_1", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "debian_linux", vendor: "debian", versions: [ { status: "affected", version: "10.0", }, { status: "affected", version: "11.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-2097", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-26T19:45:07.166681Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-08T15:19:36.662Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p)", }, ], }, ], credits: [ { lang: "en", value: "Alex Chernyakhovsky", }, ], datePublic: "2022-07-05T00:00:00", descriptions: [ { lang: "en", value: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Fencepost error", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:25.963480", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220705.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { name: "FEDORA-2022-3fdc2d3047", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { name: "FEDORA-2022-89a17be281", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5343", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { name: "[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "AES OCB fails to encrypt some bytes", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2022-2097", datePublished: "2022-07-05T10:30:13.658000Z", dateReserved: "2022-06-16T00:00:00", dateUpdated: "2024-09-17T01:06:49.390Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46889
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-12 14:30
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:sinec_ins:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sinec_ins", vendor: "seimens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-46889", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T14:29:00.705847Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T14:30:25.375Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 6.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-321", description: "CWE-321: Use of Hard-coded Cryptographic Key", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T12:49:40.474Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-46889", datePublished: "2024-11-12T12:49:40.474Z", dateReserved: "2024-09-12T11:24:19.243Z", dateUpdated: "2024-11-12T14:30:25.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28168
Vulnerability from cvelistv5
Published
2020-11-06 19:22
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/axios/axios/issues/3369 | x_refsource_MISC | |
| https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f%40%3Ccommits.druid.apache.org%3E | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a%40%3Ccommits.druid.apache.org%3E | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e%40%3Ccommits.druid.apache.org%3E | mailing-list, x_refsource_MLIST | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:33:57.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/axios/axios/issues/3369", }, { name: "[druid-commits] 20210107 [GitHub] [druid] jon-wei opened a new pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210107 [GitHub] [druid] clintropolis merged pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210127 [druid] 01/02: Update deps for CVE-2020-28168 and CVE-2020-28052 (#10733)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/axios/axios/issues/3369", }, { name: "[druid-commits] 20210107 [GitHub] [druid] jon-wei opened a new pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210107 [GitHub] [druid] clintropolis merged pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210127 [druid] 01/02: Update deps for CVE-2020-28168 and CVE-2020-28052 (#10733)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-28168", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/axios/axios/issues/3369", refsource: "MISC", url: "https://github.com/axios/axios/issues/3369", }, { name: "[druid-commits] 20210107 [GitHub] [druid] jon-wei opened a new pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210107 [GitHub] [druid] clintropolis merged pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210127 [druid] 01/02: Update deps for CVE-2020-28168 and CVE-2020-28052 (#10733)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-28168", datePublished: "2020-11-06T19:22:38", dateReserved: "2020-11-02T00:00:00", dateUpdated: "2024-08-04T16:33:57.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45092
Vulnerability from cvelistv5
Published
2023-01-10 11:39
Modified
2024-08-03 14:01
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:01:31.534Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-10T11:39:41.994Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-45092", datePublished: "2023-01-10T11:39:41.994Z", dateReserved: "2022-11-09T14:32:46.476Z", dateUpdated: "2024-08-03T14:01:31.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45094
Vulnerability from cvelistv5
Published
2023-01-10 11:39
Modified
2025-04-09 14:02
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:01:31.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-45094", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-09T14:01:52.054885Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-09T14:02:04.663Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-10T11:39:44.116Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-45094", datePublished: "2023-01-10T11:39:44.116Z", dateReserved: "2022-11-09T14:32:46.476Z", dateUpdated: "2025-04-09T14:02:04.663Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48429
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:30:35.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.", }, ], metrics: [ { cvssV3_1: { baseScore: 2.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-394", description: "CWE-394: Unexpected Status Code or Return Value", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:27:20.840Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48429", datePublished: "2023-12-12T11:27:20.840Z", dateReserved: "2023-11-16T16:30:40.849Z", dateUpdated: "2024-08-02T21:30:35.075Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2068
Vulnerability from cvelistv5
Published
2022-06-21 14:45
Modified
2024-09-16 19:41
Severity ?
EPSS score ?
Summary
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.279Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220621.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { name: "DSA-5169", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { name: "FEDORA-2022-3b7d0abd0b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)", }, ], }, ], credits: [ { lang: "en", value: "Chancen (Qingteng 73lab)", }, ], datePublic: "2022-06-21T00:00:00", descriptions: [ { lang: "en", value: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Command injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-10T00:00:00", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220621.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { name: "DSA-5169", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { name: "FEDORA-2022-3b7d0abd0b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "The c_rehash script allows command injection", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2022-2068", datePublished: "2022-06-21T14:45:20.597138Z", dateReserved: "2022-06-13T00:00:00", dateUpdated: "2024-09-16T19:41:46.658Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32212
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2025-04-30 22:24
Severity ?
EPSS score ?
Summary
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.009Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1632921", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "14.20.1", status: "affected", version: "14.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "16.17.1", status: "affected", version: "16.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper Access Control - Generic (CWE-284)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T22:24:44.217Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1632921", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32212", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2025-04-30T22:24:44.217Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35256
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2025-04-30 22:24
Severity ?
EPSS score ?
Summary
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:29:17.444Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1675191", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-35256", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-24T13:21:44.276405Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-24T13:22:44.702Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "14.20.1", status: "affected", version: "14.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "16.17.1", status: "affected", version: "16.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T22:24:47.709Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1675191", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-35256", datePublished: "2022-12-05T00:00:00.000Z", dateReserved: "2022-07-06T00:00:00.000Z", dateUpdated: "2025-04-30T22:24:47.709Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23839
Vulnerability from cvelistv5
Published
2021-02-16 16:55
Modified
2024-09-17 03:59
Severity ?
EPSS score ?
Summary
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-23839", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T19:19:45.526222Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-01T19:19:52.707Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.228Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x)", }, ], }, ], credits: [ { lang: "en", value: "D. Katz and Joel Luellwitz (Trustwave)", }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Low", value: "Low", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Rollback attack", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:06:04.879792", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210216.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "Incorrect SSLv2 rollback protection", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-23839", datePublished: "2021-02-16T16:55:17.519714Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-17T03:59:18.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32215
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2025-04-30 22:24
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.008Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1501679", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "14.20.1", status: "affected", version: "14.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "16.17.1", status: "affected", version: "16.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T22:24:42.485Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { url: "https://hackerone.com/reports/1501679", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32215", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2025-04-30T22:24:42.485Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46892
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-12 14:21
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-46892", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T14:21:05.449383Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T14:21:32.457Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 6.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-613", description: "CWE-613: Insufficient Session Expiration", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T12:49:44.470Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-46892", datePublished: "2024-11-12T12:49:44.470Z", dateReserved: "2024-09-12T11:24:19.243Z", dateUpdated: "2024-11-12T14:21:32.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32222
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2025-04-30 22:24
Severity ?
EPSS score ?
Summary
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.053Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1695596", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "14.20.0", status: "affected", version: "14.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "16.20.0", status: "affected", version: "16.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-310", description: "Cryptographic Issues - Generic (CWE-310)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T22:24:46.826Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1695596", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32222", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2025-04-30T22:24:46.826Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23841
Vulnerability from cvelistv5
Published
2021-02-16 16:55
Modified
2024-09-16 22:39
Severity ?
EPSS score ?
Summary
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-23841", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-26T20:18:08.118870Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-26T20:18:17.204Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.152Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { name: "DSA-4855", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { name: "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { name: "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-09", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-03", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212529", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212528", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212534", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)", }, ], }, ], credits: [ { lang: "en", value: "Tavis Ormandy (Google)", }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:57.206585", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210216.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { name: "DSA-4855", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { name: "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { name: "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.tenable.com/security/tns-2021-09", }, { url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { url: "https://www.tenable.com/security/tns-2021-03", }, { url: "https://support.apple.com/kb/HT212529", }, { url: "https://support.apple.com/kb/HT212528", }, { url: "https://support.apple.com/kb/HT212534", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "Null pointer deref in X509_issuer_and_serial_hash()", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-23841", datePublished: "2021-02-16T16:55:18.817258Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-16T22:39:57.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48430
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:30:35.228Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.", }, ], metrics: [ { cvssV3_1: { baseScore: 2.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-392", description: "CWE-392: Missing Report of Error Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:27:22.091Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48430", datePublished: "2023-12-12T11:27:22.091Z", dateReserved: "2023-11-16T16:30:40.849Z", dateUpdated: "2024-08-02T21:30:35.228Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48427
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2024-11-25 21:16
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:30:35.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-48427", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T21:16:08.935587Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-25T21:16:41.045Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-295", description: "CWE-295: Improper Certificate Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:27:18.362Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48427", datePublished: "2023-12-12T11:27:18.362Z", dateReserved: "2023-11-16T16:30:40.849Z", dateUpdated: "2024-11-25T21:16:41.045Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3749
Vulnerability from cvelistv5
Published
2021-08-31 10:36
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
axios is vulnerable to Inefficient Regular Expression Complexity
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| axios | axios/axios |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:09:08.302Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [druid] branch master updated: Fix CVE-2021-3749 reported in security vulnerabilities job (#11786)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson merged pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-dev] 20211009 [CRON] Passed: apache/druid#33528 (master - adb2237)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a%40%3Cdev.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "axios/axios", vendor: "axios", versions: [ { lessThanOrEqual: "0.21.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "axios is vulnerable to Inefficient Regular Expression Complexity", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1333", description: "CWE-1333 Inefficient Regular Expression Complexity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:31", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [druid] branch master updated: Fix CVE-2021-3749 reported in security vulnerabilities job (#11786)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson merged pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-dev] 20211009 [CRON] Passed: apache/druid#33528 (master - adb2237)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a%40%3Cdev.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], source: { advisory: "1e8f07fc-c384-4ff9-8498-0690de2e8c31", discovery: "EXTERNAL", }, title: "Inefficient Regular Expression Complexity in axios/axios", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2021-3749", STATE: "PUBLIC", TITLE: "Inefficient Regular Expression Complexity in axios/axios", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "axios/axios", version: { version_data: [ { version_affected: "<=", version_value: "0.21.1", }, ], }, }, ], }, vendor_name: "axios", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "axios is vulnerable to Inefficient Regular Expression Complexity", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-1333 Inefficient Regular Expression Complexity", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", refsource: "CONFIRM", url: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", }, { name: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", refsource: "MISC", url: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211008 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [druid] branch master updated: Fix CVE-2021-3749 reported in security vulnerabilities job (#11786)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] jihoonson merged pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20211009 [GitHub] [druid] andreacyc commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-dev] 20211009 [CRON] Passed: apache/druid#33528 (master - adb2237)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a@%3Cdev.druid.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, source: { advisory: "1e8f07fc-c384-4ff9-8498-0690de2e8c31", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2021-3749", datePublished: "2021-08-31T10:36:43", dateReserved: "2021-08-30T00:00:00", dateUpdated: "2024-08-03T17:09:08.302Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45093
Vulnerability from cvelistv5
Published
2023-01-10 11:39
Modified
2025-04-09 14:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:01:31.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-45093", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-09T14:02:57.941614Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-09T14:03:09.734Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-10T11:39:43.047Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-45093", datePublished: "2023-01-10T11:39:43.047Z", dateReserved: "2022-11-09T14:32:46.476Z", dateUpdated: "2025-04-09T14:03:09.734Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22945
Vulnerability from cvelistv5
Published
2021-09-23 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: curl 7.73.0 to and including 7.78.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:58:26.137Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1269242", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213183", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "curl 7.73.0 to and including 7.78.0", }, ], }, ], descriptions: [ { lang: "en", value: "When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-415", description: "Double Free (CWE-415)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-19T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1269242", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://support.apple.com/kb/HT213183", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2021-22945", datePublished: "2021-09-23T00:00:00", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-03T18:58:26.137Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32213
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2025-04-30 22:24
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.004Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1524555", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "14.20.1", status: "affected", version: "14.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "16.17.1", status: "affected", version: "16.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T22:24:45.103Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { url: "https://hackerone.com/reports/1524555", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32213", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2025-04-30T22:24:45.103Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0396
Vulnerability from cvelistv5
Published
2022-03-23 10:45
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:25:40.544Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://kb.isc.org/v1/docs/cve-2022-0396", }, { name: "FEDORA-2022-14e36aac0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-25", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-25", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIND", vendor: "ISC", versions: [ { status: "affected", version: "Open Source Branch 9.16 9.16.11 through versions before 9.16.27", }, { status: "affected", version: "Development Branch 9.17 BIND 9.17 all versions", }, { status: "affected", version: "Open Source Branch 9.18 9.18.0", }, { status: "affected", version: "Supported Preview Branch 9.16-S 9.16.11-S through versions before 9.16.27-S", }, ], }, ], datePublic: "2022-03-16T00:00:00", descriptions: [ { lang: "en", value: "BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "ISC recently discovered an issue in BIND that allows TCP connection slots to be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. This issue is present in BIND. BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. 9.16.11 to 9.16.26 (including S editions), and 9.18.0. This issue can only be triggered on BIND servers which have keep-response-order enabled, which is not the default configuration. The keep-response-order option is an ACL block; any hosts which are specified within it will be able to trigger this issue on affected versions. BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-31T00:00:00", orgId: "404fd4d2-a609-4245-b543-2c944a302a22", shortName: "isc", }, references: [ { url: "https://kb.isc.org/v1/docs/cve-2022-0396", }, { name: "FEDORA-2022-14e36aac0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202210-25", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, ], solutions: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of BIND:\n 9.16.27\n 9.18.1\nBIND Supported Preview Edition is a special feature-preview branch of BIND provided to eligible ISC support customers.\n 9.16.27-S1", }, ], source: { discovery: "INTERNAL", }, title: "DoS from specifically crafted TCP packets", workarounds: [ { lang: "en", value: "To mitigate this issue in all affected versions of BIND, use the default setting of keep-response-order { none; }.\nActive exploits: We are not aware of any active exploits.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22", assignerShortName: "isc", cveId: "CVE-2022-0396", datePublished: "2022-03-23T10:45:13.589095Z", dateReserved: "2022-01-27T00:00:00", dateUpdated: "2024-09-16T19:05:24.544Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35255
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2025-04-30 05:48
Severity ?
EPSS score ?
Summary
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:29:17.447Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1690000", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230113-0002/", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-35255", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-24T13:23:49.139648Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-24T13:24:14.629Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Node", vendor: "NodeJS", versions: [ { lessThan: "4.*", status: "affected", version: "4.0", versionType: "semver", }, { lessThan: "5.*", status: "affected", version: "5.0", versionType: "semver", }, { lessThan: "6.*", status: "affected", version: "6.0", versionType: "semver", }, { lessThan: "7.*", status: "affected", version: "7.0", versionType: "semver", }, { lessThan: "8.*", status: "affected", version: "8.0", versionType: "semver", }, { lessThan: "9.*", status: "affected", version: "9.0", versionType: "semver", }, { lessThan: "10.*", status: "affected", version: "10.0", versionType: "semver", }, { lessThan: "11.*", status: "affected", version: "11.0", versionType: "semver", }, { lessThan: "12.*", status: "affected", version: "12.0", versionType: "semver", }, { lessThan: "13.*", status: "affected", version: "13.0", versionType: "semver", }, { lessThan: "15.*", status: "affected", version: "15.0", versionType: "semver", }, { lessThan: "17.*", status: "affected", version: "17.0", versionType: "semver", }, { lessThan: "18.9.1", status: "affected", version: "18.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-338", description: "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CWE-338)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-30T05:48:45.486Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1690000", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { url: "https://security.netapp.com/advisory/ntap-20230113-0002/", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-35255", datePublished: "2022-12-05T00:00:00.000Z", dateReserved: "2022-07-06T00:00:00.000Z", dateUpdated: "2025-04-30T05:48:45.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28500
Vulnerability from cvelistv5
Published
2021-02-15 11:10
Modified
2024-09-16 22:15
Severity ?
EPSS score ?
Summary
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:40:59.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lodash/lodash/pull/5065", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Lodash", vendor: "n/a", versions: [ { status: "affected", version: "versions prior to 4.17.21", }, ], }, ], credits: [ { lang: "en", value: "Liyuan Chen", }, ], datePublic: "2021-02-15T00:00:00", descriptions: [ { lang: "en", value: "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 5, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Regular Expression Denial of Service (ReDoS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:20", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lodash/lodash/pull/5065", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "Regular Expression Denial of Service (ReDoS)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-02-15T11:10:02.896752Z", ID: "CVE-2020-28500", STATE: "PUBLIC", TITLE: "Regular Expression Denial of Service (ReDoS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Lodash", version: { version_data: [ { version_value: "versions prior to 4.17.21", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Liyuan Chen", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Regular Expression Denial of Service (ReDoS)", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", }, { name: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", refsource: "MISC", url: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", }, { name: "https://github.com/lodash/lodash/pull/5065", refsource: "MISC", url: "https://github.com/lodash/lodash/pull/5065", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { name: "https://security.netapp.com/advisory/ntap-20210312-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2020-28500", datePublished: "2021-02-15T11:10:16.225227Z", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-09-16T22:15:52.206Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0235
Vulnerability from cvelistv5
Published
2022-01-16 00:00
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| node-fetch | node-fetch/node-fetch |
Version: unspecified < 3.1.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:42.930Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7", }, { tags: [ "x_transferred", ], url: "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "[debian-lts-announce] 20221205 [SECURITY] [DLA 3222-1] node-fetch security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "node-fetch/node-fetch", vendor: "node-fetch", versions: [ { lessThan: "3.1.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-05T00:00:00", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7", }, { url: "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "[debian-lts-announce] 20221205 [SECURITY] [DLA 3222-1] node-fetch security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html", }, ], source: { advisory: "d26ab655-38d6-48b3-be15-f9ad6b6ae6f7", discovery: "EXTERNAL", }, title: "Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch", }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0235", datePublished: "2022-01-16T00:00:00", dateReserved: "2022-01-14T00:00:00", dateUpdated: "2024-08-02T23:18:42.930Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46888
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-12 14:32
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:sinec_ins:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sinec_ins", vendor: "seimens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-46888", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T14:31:00.141310Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T14:32:11.296Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SINEC INS", vendor: "Siemens", versions: [ { lessThan: "V1.0 SP2 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 9.4, baseSeverity: "CRITICAL", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T12:49:39.127Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-46888", datePublished: "2024-11-12T12:49:39.127Z", dateReserved: "2024-09-12T11:24:19.243Z", dateUpdated: "2024-11-12T14:32:11.296Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0155
Vulnerability from cvelistv5
Published
2022-01-10 19:30
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406 | x_refsource_CONFIRM | |
| https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22 | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| follow-redirects | follow-redirects/follow-redirects |
Version: unspecified < 1.14.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:42.041Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "follow-redirects/follow-redirects", vendor: "follow-redirects", versions: [ { lessThan: "1.14.7", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-359", description: "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T11:06:25", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], source: { advisory: "fc524e4b-ebb6-427d-ab67-a64181020406", discovery: "EXTERNAL", }, title: "Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0155", STATE: "PUBLIC", TITLE: "Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "follow-redirects/follow-redirects", version: { version_data: [ { version_affected: "<", version_value: "1.14.7", }, ], }, }, ], }, vendor_name: "follow-redirects", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", refsource: "CONFIRM", url: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", }, { name: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", refsource: "MISC", url: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, ], }, source: { advisory: "fc524e4b-ebb6-427d-ab67-a64181020406", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0155", datePublished: "2022-01-10T19:30:10", dateReserved: "2022-01-07T00:00:00", dateUpdated: "2024-08-02T23:18:42.041Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25217
Vulnerability from cvelistv5
Published
2021-05-26 22:10
Modified
2024-09-16 22:08
Severity ?
EPSS score ?
Summary
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.067Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://kb.isc.org/docs/cve-2021-25217", }, { name: "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/05/26/6", }, { name: "FEDORA-2021-08cdb4dc34", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/", }, { name: "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html", }, { name: "FEDORA-2021-8ca8263bde", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220325-0011/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202305-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202305-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ISC DHCP", vendor: "ISC", versions: [ { lessThan: "4.1-ESV-R16-P1", status: "affected", version: "4.1 ESV", versionType: "custom", }, { lessThan: "4.4.2-P1", status: "affected", version: "4.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "ISC would like to thank Jon Franklin from Dell and Pawel Wieczorkiewicz from Amazon Web Services for (independently) reporting this vulnerability.", }, ], datePublic: "2021-05-26T00:00:00", descriptions: [ { lang: "en", value: "In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.", }, ], exploits: [ { lang: "en", value: "We are not aware of any active exploits.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Program code used by the ISC DHCP package to read and parse stored leases has a defect that can be exploited by an attacker to cause one of several undesirable outcomes, depending on the component attacked and the way in which it was compiled. Because of a discrepancy between the code which handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage, it is potentially possible for an attacker to deliberately cause a situation where: dhcpd, while running in DHCPv4 or DHCPv6 mode, or dhclient, the ISC DHCP client implementation will attempt to read a stored lease that contains option information which will trigger a bug in the option parsing code. Affects ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2. Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability. Affects both dhcpd (server) and dhcpcd (client).", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-03T00:00:00", orgId: "404fd4d2-a609-4245-b543-2c944a302a22", shortName: "isc", }, references: [ { url: "https://kb.isc.org/docs/cve-2021-25217", }, { name: "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/05/26/6", }, { name: "FEDORA-2021-08cdb4dc34", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/", }, { name: "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html", }, { name: "FEDORA-2021-8ca8263bde", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", }, { url: "https://security.netapp.com/advisory/ntap-20220325-0011/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { name: "GLSA-202305-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202305-22", }, ], solutions: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of ISC DHCP:\n\n ISC DHCP 4.1-ESV-R16-P1\n ISC DHCP 4.4.2-P1", }, ], source: { discovery: "USER", }, title: "A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient", workarounds: [ { lang: "en", value: "None known.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22", assignerShortName: "isc", cveId: "CVE-2021-25217", datePublished: "2021-05-26T22:10:11.312869Z", dateReserved: "2021-01-15T00:00:00", dateUpdated: "2024-09-16T22:08:32.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-01-28 22:15
Modified
2024-11-21 06:37
Severity ?
Summary
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | * | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| oracle | health_sciences_inform_publisher | 6.2.1.1 | |
| oracle | health_sciences_inform_publisher | 6.3.1.1 | |
| oracle | jd_edwards_enterpriseone_tools | 9.2.6.3 | |
| oracle | jd_edwards_world_security | a9.4 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | peoplesoft_enterprise_peopletools | 8.59 | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| oracle | enterprise_manager_ops_center | 12.4.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C0637240-BA4E-4B83-9E47-5418B2B8E76F", versionEndIncluding: "1.0.2zb", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "6314E930-4FD0-42E6-8953-75205248D0C0", versionEndExcluding: "1.1.1m", versionStartIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:-:*:*:*:*:*:*", matchCriteriaId: "07D64A21-359E-40B7-8636-7E76D7466263", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "548C088E-7123-4825-B752-4DEA6A421766", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha10:*:*:*:*:*:*", matchCriteriaId: "94E6E480-5E0C-4BDA-B904-38A8E025A38E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha11:*:*:*:*:*:*", matchCriteriaId: "68C330BD-0089-43E1-A5A7-89478D699FCC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha12:*:*:*:*:*:*", matchCriteriaId: "EDDBB564-F8B3-4354-92DD-CBA482E01F55", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha13:*:*:*:*:*:*", matchCriteriaId: "FA41AD12-87F2-4F8F-9D92-BD141D1BB5CF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha14:*:*:*:*:*:*", matchCriteriaId: "C7276F4F-2520-4477-9D52-7BEB6188A714", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha15:*:*:*:*:*:*", matchCriteriaId: "A0B98C2A-2B8B-406F-8881-455640624D9F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha16:*:*:*:*:*:*", matchCriteriaId: "408C7AFA-F4ED-4D36-91BD-E621D056F0F7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha17:*:*:*:*:*:*", matchCriteriaId: "96457E9D-6EFC-4FB9-AAF5-A9A27B519BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "31593C1F-A2EA-4A47-8027-397C79EC9E30", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "C47AA30A-71D5-4AA4-9C0C-794B2705FE7F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "7F4EAFB3-1345-4B67-8859-3EB1DFD23C59", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "D0F3FCF6-136F-4FF8-BB1D-B5D08E6C246C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "3438FAA2-AEBC-4A32-8E33-3035EE392CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha7:*:*:*:*:*:*", matchCriteriaId: "1AF93A67-34DE-44FC-9402-60048ADE8F1A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha8:*:*:*:*:*:*", matchCriteriaId: "26ED655F-95C7-4A29-A0A1-F40C3150B36F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha9:*:*:*:*:*:*", matchCriteriaId: "8D6A2277-07F5-4D0F-BB36-268D0C449051", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "72F6B7A7-BCD5-42BE-A77A-B4A4CB3540B1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "A6F74415-4AD7-47E0-8792-F971E655954F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "2F12453B-0E7B-46B9-ADEC-0AC5EDC41058", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5D105A5B-0AA8-4782-B804-CB1384F85884", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3:*:*:*:*:*:*:*", matchCriteriaId: "4A87D1B6-87DF-4BC6-9C3E-F3AA47E22C4D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", }, { lang: "es", value: "Se presenta un bug de propagación carry en el procedimiento de cuadratura de MIPS32 y MIPS64. Muchos algoritmos de la CE están afectados, incluyendo algunas de las curvas por defecto de TLS versión 1.3. El impacto no es analizado en detalle, porque los requisitos previos para el ataque son considerados poco probables e incluyen el reuso de claves privadas. El análisis sugiere que los ataques contra RSA y DSA como resultado de este defecto serían muy difíciles de llevar a cabo y no se consideran probables. Los ataques contra DH se consideran apenas factibles (aunque muy difíciles) porque la mayor parte del trabajo necesario para deducir información sobre una clave privada puede llevarse a cabo fuera de línea. La cantidad de recursos necesarios para un ataque de este tipo sería significativa. Sin embargo, para que un ataque a TLS tenga sentido, el servidor tendría que compartir la clave privada DH entre múltiples clientes, lo que ya no es una opción desde CVE-2016-0701. Este problema afecta a OpenSSL versiones 1.0.2, 1.1.1 y 3.0.0. Se ha abordado en versiones 1.1.1m y 3.0.1 el 15 de diciembre de 2021. En el caso de la versión 1.0.2, ha sido abordada en el commit 6fc1aaaf3 de git, que sólo está disponible para los clientes de soporte premium. Estará disponible en la versión 1.0.2zc cuando sea publicada. El problema sólo afecta a OpenSSL en plataformas MIPS. Corregido en OpenSSL versión 3.0.1 (Afectado versión 3.0.0). Corregido en OpenSSL versión 1.1.1m (Afectado versión 1.1.1-1.1.1l). Corregido en OpenSSL versión 1.0.2zc-dev (Afectado versión 1.0.2-1.0.2zb)", }, ], id: "CVE-2021-4160", lastModified: "2024-11-21T06:37:02.273", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-28T22:15:15.133", references: [ { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220128.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220128.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-10 20:15
Modified
2024-11-21 06:38
Severity ?
Summary
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | Patch, Third Party Advisory | |
| security@huntr.dev | https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406 | Exploit, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| follow-redirects_project | follow-redirects | * | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:follow-redirects_project:follow-redirects:*:*:*:*:*:node.js:*:*", matchCriteriaId: "C2DABAA5-4FC6-4335-A94B-74CC931680E8", versionEndExcluding: "1.14.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", }, { lang: "es", value: "follow-redirects es vulnerable a una Exposición de Información Personal Privada a un Actor no Autorizado", }, ], id: "CVE-2022-0155", lastModified: "2024-11-21T06:38:01.143", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-10T20:15:08.177", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", }, { source: "security@huntr.dev", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-359", }, ], source: "security@huntr.dev", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 23:11
Severity ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-915275.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*", matchCriteriaId: "6B405F22-5517-49F5-A7CA-1E50D58DFC75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (todas las versiones < V1.0 SP2 Update 3). La aplicación afectada utiliza material de clave criptográfica codificado de forma rígida para ofuscar los archivos de configuración. Esto podría permitir que un atacante obtenga ese material de clave criptográfica mediante ingeniería inversa del binario de la aplicación y descifre archivos de respaldo arbitrarios.", }, ], id: "CVE-2024-46889", lastModified: "2024-11-13T23:11:58.763", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "productcert@siemens.com", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "LOW", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2024-11-12T13:15:09.200", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-321", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:31
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427).", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). El software afectado no valida correctamente la respuesta recibida por un servidor UMC. Un atacante puede utilizar esto para bloquear el software afectado proporcionando y configurando un servidor UMC malicioso o manipulando el tráfico desde un servidor UMC legítimo (es decir, aprovechando CVE-2023-48427).", }, ], id: "CVE-2023-48431", lastModified: "2024-11-21T08:31:42.567", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-12T12:15:15.777", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-754", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-26 22:15
Modified
2024-11-21 05:54
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", matchCriteriaId: "106A3E98-3D4B-47F7-80AD-49A47A7B20D6", versionEndIncluding: "4.4.2", versionStartIncluding: "4.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", matchCriteriaId: "FBAABA4E-0D34-4644-AC26-E272CEE6C361", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*", matchCriteriaId: "179443DC-4B6A-408A-8BE5-B3E72188F43E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*", matchCriteriaId: "C9BE7736-58CD-468B-84AB-B38C9B254BA6", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*", matchCriteriaId: "7EB6F7F0-B2A0-47E3-AD7A-4E7618A36F90", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*", matchCriteriaId: "CA5FAE54-1645-4A38-A431-10E67304399A", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*", matchCriteriaId: "2C0D1A71-CECB-4C86-87F6-EB3741BDF692", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*", matchCriteriaId: "ADF80D19-3B0A-4A74-944E-F33CCC30EADA", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*", matchCriteriaId: "40B21FCB-43A8-4266-934D-ECFF8138F637", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*", matchCriteriaId: "69D49F23-9074-49E7-985F-4D93393324CD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*", matchCriteriaId: "3F729D1D-7234-4BC2-839B-AE1BB9D16C25", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*", matchCriteriaId: "9E01D88D-876D-45FE-B7ED-089DAD801EF6", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*", matchCriteriaId: "C4B030B1-F008-4562-93C7-7E1C6D3D00F4", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*", matchCriteriaId: "FF656F5E-B317-4E0C-BF01-EC2A917142DC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*", matchCriteriaId: "FBA64EEC-C0C7-4F11-8131-2868691E54DB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*", matchCriteriaId: "FFD3109A-1D76-4EA7-BF39-0B203AD945CF", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*", matchCriteriaId: "157520D7-AE39-4E23-A8CF-DD75EA78C055", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*", matchCriteriaId: "B07118EC-9508-42B8-8D09-5CE310DA2B43", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*", matchCriteriaId: "2156D1BC-90AE-4AF3-964C-DAC7DCE14A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*", matchCriteriaId: "A157E664-6ACE-44CE-AC07-64898B182EA1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*", matchCriteriaId: "0056BF7A-4A70-4F1D-89C2-25CCDB65217B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*", matchCriteriaId: "BA8ADA07-94FA-4014-AF70-8FCAF5F0DB03", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*", matchCriteriaId: "1D21F05D-246F-41F5-81FD-286C26168E2E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*", matchCriteriaId: "12103C87-C942-481A-A68C-7BC83F964C06", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*", matchCriteriaId: "A2E0124D-6330-4013-8145-4309FDAE60A8", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*", matchCriteriaId: "924E91FF-495F-4963-827F-57F7340C6560", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*", matchCriteriaId: "3BC02748-557A-4131-A372-D99B62B4B93B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*", matchCriteriaId: "76A11284-3D81-45F0-8055-17282945C14F", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*", matchCriteriaId: "98431CF5-D4C2-4FCF-BA81-0BBB631546D2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC90F7B5-81FB-43C5-8658-78589F26A4B2", versionEndExcluding: "2.15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "12BD4008-DB6A-4749-A426-D2DE44819A9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14720DF0-EBA3-4173-9472-163EBC688586", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "3E79B422-C844-411C-AA49-CFD73D3C6E2D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D09DE9BF-E5F5-40E8-BD31-8090A7A6FACA", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*", matchCriteriaId: "53AAEC5C-06EE-4C58-A981-EBF5860CEF16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A05BE2-7F53-49B7-9831-44E97E9ABA4B", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*", matchCriteriaId: "0751225A-6E9C-4281-93A4-A048920FF7C6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9290F77E-4E1C-4B01-8C6E-4AEFB37C373A", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*", matchCriteriaId: "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD195547-C770-4696-BB58-C0EC5FA38C29", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*", matchCriteriaId: "41ADD701-AD49-46B2-A12E-219CCED32298", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B0D2FC6-C24B-4AF8-813F-4432728A2021", versionEndExcluding: "2.15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*", matchCriteriaId: "F8C70D90-E8FA-4343-9027-152A99D79C82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E06BA0F-8D2A-48AF-B012-07F181F83828", versionEndExcluding: "2.15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*", matchCriteriaId: "C1775F3B-6F47-4134-8B4E-CF6337FF546C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28795B18-748A-46AF-B600-5CC7A7A95068", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1E0E33F2-E89B-4008-BED2-CF2296801078", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2788BC61-D5EB-4E44-A896-0A416CC6D51E", versionEndExcluding: "2.15.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.", }, { lang: "es", value: "En ISC DHCP versiones 4.1-ESV-R1 anteriores a 4.1-ESV-R16, ISC DHCP versiones 4.4.0 anteriores a 4.4.2 (Otras ramas de ISC DHCP (es decir, versiones de la serie 4.0.x o inferiores y versiones de la serie 4.3.x) están más allá de su End-of-Life (EOL) y ya no son soportadas por ISC. El resultado de encontrar el fallo mientras se lee un contrato de arrendamiento que lo desencadena varía, según: el componente afectado (es decir, dhclient o dhcpd) si el paquete se construyó como un binario de 32 o 64 bits si fue usado el flag del compilador -fstack-protection-strong al compilar En dhclient, ISC no ha reproducido con éxito el error en un sistema de 64 bits. Sin embargo, en un sistema de 32 bits es posible causar a dhclient bloquearse cuando leen un contrato de arrendamiento inapropiado, lo que podría causar problemas de conectividad de red para un sistema afectado debido a la ausencia de un proceso de cliente DHCP en ejecución. En dhcpd, cuando se ejecuta en modo DHCPv4 o DHCPv6: si el binario del servidor dhcpd fue construido para una arquitectura de 32 bits Y se especificó el flag -fstack-protection-strong al compilador, dhcpd puede salir mientras analiza un archivo de arrendamiento que contiene un arrendamiento objetable, resultando en la falta de servicio a los clientes. Si el binario del servidor dhcpd fue construido para una arquitectura de 64 bits O si la flag -fstack-protection-strong del compilador NO fue especificado, el bloqueo no ocurrirá, pero es posible que el contrato de arrendamiento ofensivo y el que le sigue sean borrados inapropiadamente", }, ], id: "CVE-2021-25217", lastModified: "2024-11-21T05:54:34.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "security-officer@isc.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2021-05-26T22:15:07.947", references: [ { source: "security-officer@isc.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/05/26/6", }, { source: "security-officer@isc.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", }, { source: "security-officer@isc.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security-officer@isc.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://kb.isc.org/docs/cve-2021-25217", }, { source: "security-officer@isc.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/", }, { source: "security-officer@isc.org", url: "https://security.gentoo.org/glsa/202305-22", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220325-0011/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/05/26/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://kb.isc.org/docs/cve-2021-25217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202305-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220325-0011/", }, ], sourceIdentifier: "security-officer@isc.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-09 18:15
Modified
2024-11-21 05:00
Severity ?
Summary
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| json-c | json-c | * | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| canonical | ubuntu_linux | 20.04 | |
| siemens | sinec_ins | - | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:*", matchCriteriaId: "1B3DEC32-B4B2-4FE9-B702-FB50EB3561C3", versionEndExcluding: "0.15-20200726", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:-:*:*:*:*:*:*:*", matchCriteriaId: "0C054103-9D45-40D8-A29F-4287276E8BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", }, { lang: "es", value: "json-c versiones hasta 0.14, presenta un desbordamiento de enteros y una escritura fuera de límites por medio de un archivo JSON grande, como es demostrado por la función printbuf_memappend.", }, ], id: "CVE-2020-12762", lastModified: "2024-11-21T05:00:13.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-09T18:15:11.283", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/json-c/json-c/pull/592", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/rsyslog/libfastjson/issues/161", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4360-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4360-4/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/json-c/json-c/pull/592", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/rsyslog/libfastjson/issues/161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4360-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4360-4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4741", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-06 20:15
Modified
2024-11-21 05:22
Severity ?
Summary
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*", matchCriteriaId: "3C13D531-C51C-462E-BDCD-A23F63CE381D", versionEndIncluding: "0.21.0", versionStartIncluding: "0.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.", }, { lang: "es", value: "El paquete Axios NPM versión 0.21.0, contiene una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) donde un atacante es capaz de omitir un proxy al proporcionar una URL que responde con un redireccionamiento hacia un host restringido o una dirección IP", }, ], id: "CVE-2020-28168", lastModified: "2024-11-21T05:22:25.573", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-06T20:15:13.163", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/axios/axios/issues/3369", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a%40%3Ccommits.druid.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f%40%3Ccommits.druid.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/axios/axios/issues/3369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e%40%3Ccommits.druid.apache.org%3E", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-05 22:15
Modified
2025-04-24 14:15
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf | Third Party Advisory | |
| support@hackerone.com | https://hackerone.com/reports/1690000 | Exploit, Issue Tracking, Third Party Advisory | |
| support@hackerone.com | https://security.netapp.com/advisory/ntap-20230113-0002/ | Third Party Advisory | |
| support@hackerone.com | https://www.debian.org/security/2023/dsa-5326 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1690000 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230113-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5326 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "E47572BB-0E1B-4F93-BCE9-45E03CFD65BD", versionEndIncluding: "15.14.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", versionEndIncluding: "16.12.0", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "09BD0FC2-5AA1-4A22-8432-A2EEA314FE09", versionEndExcluding: "16.17.1", versionStartIncluding: "16.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "DA8C00DD-A6E5-4E3D-8DD4-F4B51F5C208A", versionEndExcluding: "18.9.1", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.", }, { lang: "es", value: "Existe una aleatoriedad débil en la vulnerabilidad keygen de WebCrypto en Node.js 18 debido a un cambio con EntropySource() en SecretKeyGenTraits::DoKeyGen() en src/crypto/crypto_keygen.cc. Hay dos problemas con esto: 1) No verifica el valor de retorno, asume que EntropySource() siempre tiene éxito, pero puede (y a veces fallará). 2) Los datos aleatorios devueltos por EntropySource() pueden no ser criptográficamente sólidos y, por lo tanto, no son adecuados como material de claves.", }, ], id: "CVE-2022-35255", lastModified: "2025-04-24T14:15:32.070", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2022-12-05T22:15:10.513", references: [ { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "support@hackerone.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1690000", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230113-0002/", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1690000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230113-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-338", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-338", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-14 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| llhttp | llhttp | * | |
| llhttp | llhttp | * | |
| llhttp | llhttp | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| debian | debian_linux | 11.0 | |
| stormshield | stormshield_management_center | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", matchCriteriaId: "E47EBF6E-EAF4-4853-A7F1-49B0E2880E44", versionEndExcluding: "14.20.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", matchCriteriaId: "BF84A61F-30D6-4D93-BCBD-C856D671B68B", versionEndExcluding: "16.17.1", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:*:*:*", matchCriteriaId: "65CED312-C629-4515-A3F4-84E889159D4A", versionEndExcluding: "18.9.1", versionStartIncluding: "18.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "3EB02718-B2A5-4822-B611-D62BB9EF44B0", versionEndExcluding: "14.20.0", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", versionEndIncluding: "16.12.0", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "D9D9B02E-C965-408B-999E-1F3DA09B62AA", versionEndExcluding: "16.16.0", versionStartIncluding: "16.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "D224E154-915A-4E2C-A0D7-D28D1C1472F7", versionEndExcluding: "18.5.0", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "57CACB72-BAD7-41F6-9977-321DA7F79519", versionEndExcluding: "3.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).", }, { lang: "es", value: "El parser llhttp anteriores a la versión v14.20.1, anteriores a la versión v16.17.1 y anteriores a la versión v18.9.1 del módulo http en Node.js no maneja correctamente las cabeceras Transfer-Encoding de varias líneas. Esto puede llevar al contrabando de solicitudes HTTP (HRS)", }, ], id: "CVE-2022-32215", lastModified: "2024-11-21T07:05:56.540", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-14T15:15:08.387", references: [ { source: "support@hackerone.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "support@hackerone.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1501679", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { source: "support@hackerone.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1501679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-11 14:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ua-parser-js_project | ua-parser-js | * | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ua-parser-js_project:ua-parser-js:*:*:*:*:*:node.js:*:*", matchCriteriaId: "8D28E07F-388B-4B47-9657-EE64D67990F9", versionEndExcluding: "0.7.23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).", }, { lang: "es", value: "El paquete ua-parser-js versiones anteriores a 0.7.23, es vulnerable a una Denegación de Servicio de Expresión Regular (ReDoS) en múltiples expresiones regulares (véase el commit vinculado para mayor información)", }, ], id: "CVE-2020-7793", lastModified: "2024-11-21T05:37:48.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-11T14:15:11.283", references: [ { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBFAISALMAN-1050388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-10 12:15
Modified
2024-11-21 07:28
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones ", }, ], id: "CVE-2022-45094", lastModified: "2024-11-21T07:28:46.187", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-10T12:15:23.590", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-31 11:15
Modified
2024-11-21 06:22
Severity ?
Summary
axios is vulnerable to Inefficient Regular Expression Complexity
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*", matchCriteriaId: "A12CFACF-6FBD-4AE9-A7BF-9D532DAA8212", versionEndIncluding: "0.21.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", matchCriteriaId: "B359C56A-5507-4CC0-975A-683A9DBBE3FC", versionEndExcluding: "21.7.0.0.0", versionStartIncluding: "21.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "axios is vulnerable to Inefficient Regular Expression Complexity", }, { lang: "es", value: "axios es vulnerable a una Complejidad de Expresión Regular Ineficiente", }, ], id: "CVE-2021-3749", lastModified: "2024-11-21T06:22:19.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-31T11:15:07.890", references: [ { source: "security@huntr.dev", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", }, { source: "security@huntr.dev", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a%40%3Cdev.druid.apache.org%3E", }, { source: "security@huntr.dev", url: "https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103%40%3Ccommits.druid.apache.org%3E", }, { source: "security@huntr.dev", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a%40%3Cdev.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1333", }, ], source: "security@huntr.dev", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:31
Severity ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). La interfaz de usuario web de los dispositivos afectados no comprueba la longitud de los parámetros en determinadas condiciones. Esto permite que un administrador malintencionado bloquee el servidor enviando una solicitud manipulada al servidor. El servidor se reiniciará automáticamente.", }, ], id: "CVE-2023-48429", lastModified: "2024-11-21T08:31:42.330", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2023-12-12T12:15:15.083", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-394", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-16 17:15
Modified
2024-11-21 05:51
Severity ?
Summary
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "F12DBEEA-AAB3-4383-A3E2-F865B960BA07", versionEndExcluding: "1.0.2y", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "90147138-26F0-42CF-A1DB-BE1853885CA6", versionEndExcluding: "1.1.1j", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*", matchCriteriaId: "657682A0-54D5-4DC6-A98E-8BAF685926C4", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*", matchCriteriaId: "8661D361-71B5-4C41-A818-C89EC551D900", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*", matchCriteriaId: "253603DC-2D92-442A-B3A8-A63E14D8A070", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*", matchCriteriaId: "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1721B5-9FCD-47C3-8338-E02932CF2C05", versionEndIncluding: "5.17.0", versionStartIncluding: "5.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", matchCriteriaId: "FFDA8CE0-8F2C-4FA7-91F8-A720F56EBC5D", versionEndExcluding: "14.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", matchCriteriaId: "168B0313-B7B6-4CD5-AD4F-C133050498BF", versionEndExcluding: "14.6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BB03E7-7DC3-404B-AD37-78849BE46420", versionEndExcluding: "14.6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "617E79BC-1012-4778-BDE7-44A238CC8D7A", versionEndExcluding: "11.4", versionStartIncluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "B602F9E8-1580-436C-A26D-6E6F8121A583", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "77C3DD16-1D81-40E1-B312-50FBD275507C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "81DAC8C0-D342-44B5-9432-6B88D389584F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "B4367D9B-BF81-47AD-A840-AC46317C774D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "61516569-C48F-4362-B334-8CA10EDB0EC2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*", matchCriteriaId: "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", matchCriteriaId: "058C7C4B-D692-49DE-924A-C2725A8162D3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "0F0434A5-F2A1-4973-917C-A95F2ABE97D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "96DD93E0-274E-4C36-99F3-EEF085E57655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "44B24982-87BE-4563-8B7E-D846607B641B", versionEndExcluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C9E14DE8-29C1-4C0C-9B31-2E3A11EE68E4", versionEndExcluding: "5.7.33", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "FBE10671-5C91-4ACF-ABD2-255E9F2F9D79", versionEndExcluding: "8.0.23", versionStartIncluding: "8.0.15", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", }, { lang: "es", value: "La función de la API pública de OpenSSL X509_issuer_and_serial_hash() intenta crear un valor hash único basado en los datos del emisor y del número de serie contenidos en un certificado X509. Sin embargo, no gestiona correctamente los errores que puedan producirse al analizar el campo del emisor (lo que podría ocurrir si el campo del emisor se construye de forma maliciosa). Esto puede dar lugar a un desvío de puntero NULL y a un fallo que conduzca a un posible ataque de denegación de servicio. La función X509_issuer_and_serial_hash() nunca es llamada directamente por OpenSSL, por lo que las aplicaciones sólo son vulnerables si utilizan esta función directamente y lo hacen con certificados que pueden haber sido obtenidos de fuentes no fiables. Las versiones de OpenSSL 1.1.1i y posteriores están afectadas por este problema. Los usuarios de estas versiones deberían actualizar a OpenSSL 1.1.1j. Las versiones de OpenSSL 1.0.2x e inferiores se ven afectadas por este problema. Sin embargo, OpenSSL 1.0.2 está fuera de soporte y ya no recibe actualizaciones públicas. Los clientes con soporte Premium de OpenSSL 1.0.2 deben actualizar a la versión 1.0.2y. Los demás usuarios deben actualizar a la versión 1.1.1j. Corregido en OpenSSL 1.1.1j (Afectado 1.1.1-1.1.1i). Corregido en OpenSSL 1.0.2y (Afectado 1.0.2-1.0.2x)", }, ], id: "CVE-2021-23841", lastModified: "2024-11-21T05:51:55.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-16T17:15:13.377", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212528", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212529", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212534", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212534", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:31
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). Los productos afectados no validan correctamente el certificado del servidor UMC configurado. Esto podría permitir a un atacante interceptar las credenciales que se envían al servidor UMC, así como manipular las respuestas, lo que podría permitirle al atacante escalar privilegios.", }, ], id: "CVE-2023-48427", lastModified: "2024-11-21T08:31:42.077", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-12T12:15:14.677", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-16 17:15
Modified
2024-11-21 05:51
Severity ?
Summary
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| oracle | business_intelligence | 5.5.0.0.0 | |
| oracle | business_intelligence | 5.9.0.0.0 | |
| oracle | business_intelligence | 12.2.1.3.0 | |
| oracle | business_intelligence | 12.2.1.4.0 | |
| oracle | enterprise_manager_for_storage_management | 13.4.0.0 | |
| oracle | enterprise_manager_ops_center | 12.4.0.0 | |
| oracle | graalvm | 19.3.5 | |
| oracle | graalvm | 20.3.1.2 | |
| oracle | graalvm | 21.0.0.2 | |
| oracle | jd_edwards_world_security | a9.4 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "3E90DD3D-CF27-4D49-973A-86E03225027B", versionEndIncluding: "1.0.2x", versionStartIncluding: "1.0.2s", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "B602F9E8-1580-436C-A26D-6E6F8121A583", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "77C3DD16-1D81-40E1-B312-50FBD275507C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "81DAC8C0-D342-44B5-9432-6B88D389584F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "61516569-C48F-4362-B334-8CA10EDB0EC2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", matchCriteriaId: "058C7C4B-D692-49DE-924A-C2725A8162D3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:community:*:*:*", matchCriteriaId: "F325B4DE-1330-4DE2-B127-76FA14C3639B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:community:*:*:*", matchCriteriaId: "CEDB365B-ABB3-4E62-B8C6-5E3454270855", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", }, { lang: "es", value: "OpenSSL versión 1.0.2 soporta SSLv2. Si un cliente intenta negociar SSLv2 con un servidor que está configurado para soportar tanto SSLv2 como versiones más recientes de SSL y TLS, entonces se hace una comprobación de un ataque de retroceso de versión cuando se deshace una firma RSA. Los clientes que soportan versiones de SSL o TLS superiores a SSLv2 deben usar una forma especial de relleno. Un servidor que soporta una versión superior a SSLv2 debe rechazar los intentos de conexión de un cliente en el que esté presente esta forma especial de relleno, porque esto indica que se ha producido un retroceso de versión (es decir, tanto el cliente como el servidor soportan una versión superior a SSLv2, y sin embargo esta es la versión que se está requiriendo). La implementación de esta comprobación de padding invirtió la lógica para que el intento de conexión sea aceptado si el padding está presente, y rechazado si está ausente. Esto significa que tal servidor aceptará una conexión si se ha producido un ataque de retroceso de versión. Además, el servidor rechazará erróneamente una conexión si se realiza un intento de conexión SSLv2 normal. Sólo los servidores OpenSSL versión 1.0.2 desde la versión 1.0.2s hasta la 1.0.2x están afectados por este problema. Para ser vulnerable, un servidor versión 1.0.2 debe 1) haber configurado la compatibilidad con SSLv2 en tiempo de compilación (está desactivada por defecto), 2) haber configurado la compatibilidad con SSLv2 en tiempo de ejecución (está deshabilitada por defecto), 3) haber configurado los ciphersuites de SSLv2 (no están en la lista de ciphersuites por defecto) OpenSSL versión 1.1.1 no presenta compatibilidad con SSLv2 y, por tanto, no es vulnerable a este problema. El error subyacente está en la implementación de la función RSA_padding_check_SSLv23(). Esto también afecta al modo de relleno RSA_SSLV23_PADDING usado por otras funciones. Aunque la versión 1.1.1 no soporta SSLv2, la función RSA_padding_check_SSLv23() sigue existiendo, al igual que el modo de relleno RSA_SSLV23_PADDING. Las aplicaciones que llamen directamente a esa función o utilicen ese modo de relleno se encontrarán con este problema. Sin embargo, como no existe soporte para el protocolo SSLv2 en la versión 1.1.1, esto se considera un error y no un problema de seguridad en esa versión. OpenSSL versión 1.0.2 está fuera de soporte y ya no recibe actualizaciones públicas. Los clientes de soporte Premium de OpenSSL versión 1.0.2 deben actualizar a la versión 1.0.2y. Los demás usuarios deben actualizar a la versión 1.1.1j. Corregido en OpenSSL versión 1.0.2y (Afectó versiones 1.0.2s-1.0.2x)", }, ], id: "CVE-2021-23839", lastModified: "2024-11-21T05:51:55.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-16T17:15:13.190", references: [ { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-23 11:15
Modified
2024-11-21 06:38
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", matchCriteriaId: "90B16201-A1E2-47D8-B410-92AE90B98867", versionEndExcluding: "9.16.27", versionStartIncluding: "9.16.11", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*", matchCriteriaId: "24C30F5B-53A9-4D41-9158-35250756E637", versionEndExcluding: "9.16.27", versionStartIncluding: "9.16.11", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", matchCriteriaId: "AC2500CA-5173-44CC-B35A-D645DA10BCE5", versionEndIncluding: "9.18.0", versionStartIncluding: "9.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.", }, { lang: "es", value: "BIND versiones 9.16.11 posteriores a 9.16.26, versiones 9.17.0 posteriores a 9.18.0 y versiones 9.16.11-S1 posteriores a 9.16.26-S1 de BIND Supported Preview Edition. Los flujos TCP específicamente diseñados pueden causar que las conexiones a BIND permanezcan en estado CLOSE_WAIT durante un período de tiempo indefinido, incluso después de que el cliente haya terminado la conexión", }, ], id: "CVE-2022-0396", lastModified: "2024-11-21T06:38:32.280", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "security-officer@isc.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-23T11:15:08.380", references: [ { source: "security-officer@isc.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security-officer@isc.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://kb.isc.org/v1/docs/cve-2022-0396", }, { source: "security-officer@isc.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://kb.isc.org/v1/docs/cve-2022-0396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, ], sourceIdentifier: "security-officer@isc.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-404", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-14 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "1D907C43-56F3-4FB8-8F20-C90C65EE5A08", versionEndExcluding: "14.20.1", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", versionEndIncluding: "16.12.0", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "09BD0FC2-5AA1-4A22-8432-A2EEA314FE09", versionEndExcluding: "16.17.1", versionStartIncluding: "16.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "D224E154-915A-4E2C-A0D7-D28D1C1472F7", versionEndExcluding: "18.5.0", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.", }, { lang: "es", value: "Se presenta una vulnerabilidad de inyección de comandos en el Sistema Operativo en Node.js versiones anteriores a 14.20.0, anteriores a 16.16.0, anteriores a 18.5.0, debido a una comprobación insuficiente de IsAllowedHost que puede ser fácilmente omitida porque IsIPAddress no comprueba correctamente si una dirección IP no es válida antes de realizar peticiones DBS permitiendo ataques de reenganche.", }, ], id: "CVE-2022-32212", lastModified: "2024-11-21T07:05:56.093", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-14T15:15:08.237", references: [ { source: "support@hackerone.com", url: "https://hackerone.com/reports/1632921", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://hackerone.com/reports/1632921", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-15 13:15
Modified
2024-11-21 05:51
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*", matchCriteriaId: "D51E96E4-8E0F-4B1D-ACAD-DB726036467F", versionEndExcluding: "4.17.21", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "0CF9A061-2421-426D-9854-0A4E55B2961D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F95EDC3D-54BB-48F9-82F2-7CCF335FCA78", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B72B735F-4E52-484A-9C2C-23E6E2070385", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8B36A1D4-F391-4EE3-9A65-0A10568795BA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "55116032-AAD1-4FEA-9DA8-2C4CBD3D3F61", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0275F820-40BE-47B8-B167-815A55DF578E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8C8E145E-1DF0-4B18-B625-F04DF71F6ACF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "EABAFD73-150F-4DFE-B721-29EB4475D979", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8A45D47B-3401-49CF-92EE-79D007D802A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6A8420D4-AAF1-44AA-BF28-48EE3ED310B9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "2FB80AC5-35F2-4703-AD93-416B46972EEB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "19DAAEFF-AB4A-4D0D-8C86-D2F2811B53B1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "9E14324D-B9EE-4C06-ACC7-255189ED6300", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "CBEBB60F-6EAB-4AE5-B777-5044C657FBA8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B185C1EA-71E6-4972-8637-08A33CC00841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "868E7C46-7E45-4CFA-8A25-7CBFED912096", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", matchCriteriaId: "EC7DB86F-3FAA-43C1-9C44-7CC5FB34419E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "040DA31B-2A0C-46F6-8EDF-9B88F9FB0F48", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "9C416FD3-2E2F-4BBC-BD5F-F896825883F4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D886339E-EDB2-4879-BD54-1800E4CA9CAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "348EEE70-E114-4720-AAAF-E77DE5C9A2D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3DCDD73B-57B1-4580-B922-5662E3AC13B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "55F091C7-0869-4FD6-AC73-DA697D990304", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4D134C60-F9E2-46C2-8466-DB90AD98439E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E6C9A32B-B776-4704-818D-977B4B20D677", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6989178B-A3D5-4441-A56C-6C639D4759DF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "D1298AA2-0103-4457-B260-F976B78468E7", versionEndExcluding: "9.2.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48", versionEndIncluding: "17.12.11", versionStartIncluding: "17.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "301E7158-9090-467C-B3B4-30A8DB3B395D", versionEndIncluding: "18.8.12", versionStartIncluding: "18.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "BBEFACB1-C8EA-492B-8F85-A564DB363C83", versionEndIncluding: "19.12.11", versionStartIncluding: "19.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792", versionEndIncluding: "20.12.7", versionStartIncluding: "20.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", matchCriteriaId: "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "197D0D80-6702-4B61-B681-AFDBA7D69067", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:system_manager:9.0:*:*:*:*:*:*:*", matchCriteriaId: "0968FEE3-7685-4747-AEC0-DB6E0F35E256", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", }, { lang: "es", value: "Las versiones de Lodash anteriores a la 4.17.21 son vulnerables a la inyección de comandos a través de la función de plantilla", }, ], id: "CVE-2021-23337", lastModified: "2024-11-21T05:51:31.643", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-15T13:15:12.560", references: [ { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "report@snyk.io", tags: [ "Broken Link", ], url: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 23:13
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-915275.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*", matchCriteriaId: "6B405F22-5517-49F5-A7CA-1E50D58DFC75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (todas las versiones < V1.0 SP2 Update 3). La aplicación afectada no invalida correctamente las sesiones cuando se elimina o deshabilita el usuario asociado o se modifican sus permisos. Esto podría permitir que un atacante autenticado continúe realizando acciones maliciosas incluso después de que se haya deshabilitado su cuenta de usuario.", }, ], id: "CVE-2024-46892", lastModified: "2024-11-13T23:13:06.400", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-11-12T13:15:09.940", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:31
Severity ?
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). La API REST de los dispositivos afectados no comprueba la longitud de los parámetros en determinadas condiciones. Esto permite que un administrador malintencionado bloquee el servidor enviando una solicitud manipulada a la API. El servidor se reiniciará automáticamente.", }, ], id: "CVE-2023-48430", lastModified: "2024-11-21T08:31:42.457", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-12T12:15:15.433", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-392", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-05 11:15
Modified
2024-11-21 07:00
Severity ?
Summary
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| netapp | active_iq_unified_manager | - | |
| netapp | clustered_data_ontap_antivirus_connector | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s_firmware | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "64B76070-177E-4044-B562-49F6A27F4921", versionEndExcluding: "1.1.1q", versionStartIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "90A8CB87-4C26-472D-8770-84D1195F2FD1", versionEndExcluding: "3.0.5", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "62347994-1353-497C-9C4A-D5D8D95F67E8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", }, { lang: "es", value: "El modo AES OCB para plataformas x86 de 32 bits que utilizan la implementación optimizada de ensamblaje AES-NI no cifrará la totalidad de los datos en algunas circunstancias. Esto podría revelar dieciséis bytes de datos que ya existían en la memoria y que no estaban escritos. En el caso especial del cifrado \"in situ\", se revelarían dieciséis bytes del texto sin formato. Dado que OpenSSL no es compatible con conjuntos de cifrado basados ??en OCB para TLS y DTLS, ambos no están afectados. Corregido en OpenSSL versión 3.0.5 (Afectado 3.0.0-3.0.4). Corregido en OpenSSL 1.1.1q (Afectado 1.1.1-1.1.1p)", }, ], id: "CVE-2022-2097", lastModified: "2024-11-21T07:00:18.757", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-05T11:15:08.340", references: [ { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220705.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220705.txt", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-10 12:15
Modified
2024-11-21 07:28
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones ", }, ], id: "CVE-2022-45093", lastModified: "2024-11-21T07:28:46.053", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-10T12:15:23.523", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-05 22:15
Modified
2025-04-24 14:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf | Third Party Advisory | |
| support@hackerone.com | https://hackerone.com/reports/1675191 | Exploit, Issue Tracking, Third Party Advisory | |
| support@hackerone.com | https://www.debian.org/security/2023/dsa-5326 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1675191 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5326 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "1D907C43-56F3-4FB8-8F20-C90C65EE5A08", versionEndExcluding: "14.20.1", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", versionEndIncluding: "16.12.0", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "09BD0FC2-5AA1-4A22-8432-A2EEA314FE09", versionEndExcluding: "16.17.1", versionStartIncluding: "16.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "DA8C00DD-A6E5-4E3D-8DD4-F4B51F5C208A", versionEndExcluding: "18.9.1", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", matchCriteriaId: "1D7F3488-19BB-4E97-AC9F-23F847F53774", versionEndExcluding: "6.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.", }, { lang: "es", value: "El analizador llhttp en el módulo http en Node v18.7.0 no maneja correctamente los campos de encabezado que no terminan con CLRF. Esto puede resultar en tráfico ilegal de solicitudes HTTP.", }, ], id: "CVE-2022-35256", lastModified: "2025-04-24T14:15:32.277", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2022-12-05T22:15:10.570", references: [ { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "support@hackerone.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1675191", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/1675191", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-21 15:15
Modified
2024-11-21 07:00
Severity ?
Summary
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C9B6EB2C-EF9B-44AF-B083-BF59B8107801", versionEndExcluding: "1.0.2zf", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "5EAA5CAF-1DE6-4730-9E07-9E6594A5D6BF", versionEndExcluding: "1.1.1p", versionStartIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "4188DBDA-354F-4939-904D-0A9F8A8AB703", versionEndExcluding: "3.0.4", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "85DF4B3F-4BBC-42B7-B729-096934523D63", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_antivirus_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "759D1A24-B23B-404E-AD39-F18D7DBAD501", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "4BB0FDCF-3750-44C6-AC5C-0CC2AAD14093", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "80774A35-B0B8-4F9C-99CA-23849978D158", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*", matchCriteriaId: "95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5921A877-18BF-43FE-915C-D226E140ACFC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*", matchCriteriaId: "7296A1F2-D315-4FD5-8A73-65C480C855BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*", matchCriteriaId: "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "89612649-BACF-4FAC-9BA4-324724FD93A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D9B255-C1AF-42D1-BF9B-13642FBDC080", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D5CDADAB-72A5-4526-8432-E6C9AC56B29F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*", matchCriteriaId: "E64576DE-90F0-4F5E-9C82-AB745CFEDBB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EF5AFE69-7990-4F80-9E63-D8AD58AA3A2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*", matchCriteriaId: "6415E28A-4EAC-4F7F-BD81-1A55CE8B6F40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:fas_a400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CAA3A789-79F7-4DC8-9722-3958A3162EB4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:fas_a400:-:*:*:*:*:*:*:*", matchCriteriaId: "18C138F0-706F-44A8-880E-133F66DE164A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA79D39A-A5F2-4C44-A805-5113065F8C25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*", matchCriteriaId: "4CA55FBD-6EBA-49C8-92BA-2B1BCCB18A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "70ECC434-DF20-49A6-B4CF-D5CCA480E57D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*", matchCriteriaId: "232DC609-8023-41F9-8CE3-1B31CE2F2D93", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56FD9B9A-BBE5-4CA5-B9F9-B16E1FE738C8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*", matchCriteriaId: "F3E70A56-DBA8-45C7-8C49-1A036501156F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:broadcom:sannav:-:*:*:*:*:*:*:*", matchCriteriaId: "E5BAE3DB-F5EE-4AFB-A60E-FE8B809BDE66", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", }, { lang: "es", value: "Además de una inyección de comandos de shell c_rehash identificada en CVE-2022-1292, se encontraron otras circunstancias en las que el script c_rehash no sanea adecuadamente los metacaracteres de shell para evitar la inyección de comandos mediante la revisión del código. Cuando fue corregida la CVE-2022-1292 no ha sido detectado que se presentan otros lugares en el script en los que los nombres de archivo de los certificados a los que es aplicado el hash son pasados posiblemente a un comando ejecutado mediante el shell. Este script es distribuido por algunos sistemas operativos de manera que es ejecutado automáticamente. En dichos sistemas operativos, un atacante podría ejecutar comandos arbitrarios con los privilegios del script. El uso del script c_rehash es considerado obsoleto y debe ser sustituido por la herramienta de línea de comandos OpenSSL rehash. Corregido en OpenSSL versión 3.0.4 (Afectados 3.0.0,3.0.1,3.0.2,3.0.3). Corregido en OpenSSL versión 1.1.1p (Afectado 1.1.1-1.1.1o). Corregido en OpenSSL versión 1.0.2zf (Afectado 1.0.2-1.0.2ze)", }, ], id: "CVE-2022-2068", lastModified: "2024-11-21T07:00:16.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-21T15:15:09.060", references: [ { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220621.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220621.txt", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haxx | libcurl | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 35 | |
| netapp | cloud_backup | - | |
| netapp | clustered_data_ontap | - | |
| oracle | mysql_server | * | |
| oracle | mysql_server | * | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | solidfire_baseboard_management_controller_firmware | - | |
| netapp | solidfire_baseboard_management_controller | - | |
| apple | macos | * | |
| siemens | sinec_ins | * | |
| debian | debian_linux | 11.0 | |
| splunk | universal_forwarder | * | |
| splunk | universal_forwarder | * | |
| splunk | universal_forwarder | 9.1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", matchCriteriaId: "9F299899-24BA-432D-818D-32546C576E9B", versionEndIncluding: "7.78.0", versionStartIncluding: "7.73.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "E667933A-37EA-4BC2-9180-C3B4B7038866", versionEndIncluding: "5.7.35", versionStartIncluding: "5.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "709E83B4-8C66-4255-870B-2F72B37BA8C6", versionEndIncluding: "8.0.26", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "9422A022-F279-4596-BC97-3223611D73DC", versionEndExcluding: "12.3", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "65B7AF44-C3DB-4C29-8690-827CD4518653", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", matchCriteriaId: "5722E753-75DE-4944-A11B-556CB299B57D", versionEndExcluding: "8.2.12", versionStartIncluding: "8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", matchCriteriaId: "DC0F9351-81A4-4FEA-B6B5-6E960A933D32", versionEndExcluding: "9.0.6", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.", }, { lang: "es", value: "Cuando se envían datos a un servidor MQTT, libcurl versiones anteriores a 7.73.0, incluyéndola y 7.78.0, podría en algunas circunstancias, mantener erróneamente un puntero a un área de memoria ya liberada y usarlo de nuevo en una llamada posterior para enviar datos y también liberarlo *de nuevo*", }, ], id: "CVE-2021-22945", lastModified: "2024-11-21T05:50:59.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-23T13:15:08.690", references: [ { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { source: "support@hackerone.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "support@hackerone.com", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://hackerone.com/reports/1269242", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213183", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { source: "support@hackerone.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://hackerone.com/reports/1269242", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 23:11
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-915275.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*", matchCriteriaId: "6B405F22-5517-49F5-A7CA-1E50D58DFC75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (todas las versiones < V1.0 SP2 Update 3). La aplicación afectada no desinfecta adecuadamente las rutas proporcionadas por el usuario para la carga y descarga de archivos basados en SFTP. Esto podría permitir que un atacante remoto autenticado manipule archivos arbitrarios en el sistema de archivos y logre la ejecución de código arbitrario en el dispositivo.", }, ], id: "CVE-2024-46888", lastModified: "2024-11-13T23:11:24.570", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "HIGH", subConfidentialityImpact: "HIGH", subIntegrityImpact: "HIGH", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-11-12T13:15:08.927", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-16 17:15
Modified
2024-11-21 06:38
Severity ?
Summary
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| node-fetch_project | node-fetch | * | |
| node-fetch_project | node-fetch | * | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:node-fetch_project:node-fetch:*:*:*:*:*:node.js:*:*", matchCriteriaId: "8BBBB24C-E889-41A5-8758-73FC1EEC04D1", versionEndExcluding: "2.6.7", vulnerable: true, }, { criteria: "cpe:2.3:a:node-fetch_project:node-fetch:*:*:*:*:*:node.js:*:*", matchCriteriaId: "CBA8854F-A214-4FC8-BC82-C9E4CB3D653E", versionEndExcluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", }, { lang: "es", value: "node-fetch es vulnerable a una Exposición de Información Confidencial a un Actor no Autorizado", }, ], id: "CVE-2022-0235", lastModified: "2024-11-21T06:38:12.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-16T17:15:07.870", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10", }, { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7", }, { source: "security@huntr.dev", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security@huntr.dev", type: "Primary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-23 13:15
Modified
2024-11-21 05:54
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Summary
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", matchCriteriaId: "A758DF9F-434B-4A5A-A1DB-632F23BD7EA0", versionEndExcluding: "9.11.37", versionStartIncluding: "9.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*", matchCriteriaId: "73EF3289-D1C2-4AD9-8175-5B060BB98D52", versionEndExcluding: "9.11.37", versionStartIncluding: "9.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", matchCriteriaId: "0001CEE2-7B7E-4499-B2BA-FD50F3EB2A2F", versionEndExcluding: "9.16.27", versionStartIncluding: "9.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*", matchCriteriaId: "C6E69BDE-904C-41D7-88C2-586C3E319499", versionEndExcluding: "9.16.27", versionStartIncluding: "9.16.8", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", matchCriteriaId: "F30CB574-6B4F-4FF1-9729-E5F14FFD7257", versionEndIncluding: "9.18.0", versionStartIncluding: "9.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "ECFE39BF-15FB-4129-9D8C-4F28DABB5D83", versionEndExcluding: "19.3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*", matchCriteriaId: "59006503-B2CA-4F79-AC13-7C5615A74CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "11B5CC5A-1959-4113-BFCF-E4BA63D918C1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*", matchCriteriaId: "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "AF24ACBD-5F84-47B2-BFF3-E9A56666269C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "3935A586-41BD-4FA5-9596-DED6F0864777", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*", matchCriteriaId: "B83FB539-BD7C-4BEE-9022-098F73902F38", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*", matchCriteriaId: "7659AC36-A5EA-468A-9793-C1EC914D36F4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*", matchCriteriaId: "E0E018E1-568E-40F2-ADA5-F71509811879", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s6:*:*:*:*:*:*", matchCriteriaId: "122B09A3-299A-421C-9A6B-B3FEED8E19FA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r2-s7:*:*:*:*:*:*", matchCriteriaId: "55F3E730-83F2-43C2-B6DC-77BAABB2F01D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*", matchCriteriaId: "B9295AF3-A883-47C3-BAF8-3D82F719733E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "F09D3262-394A-43D1-A4ED-8887FCB20F87", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "D3FEA876-302D-4F07-94E6-237C669538F2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "B011854A-932C-4D5C-B469-71F72608DFCB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "94A44054-B47B-453C-BF0F-9E071EFF6542", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s5:*:*:*:*:*:*", matchCriteriaId: "CA3A4806-59AB-43D6-BFE3-A6DCE098335C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.3:r3-s6:*:*:*:*:*:*", matchCriteriaId: "45DA4D89-1362-421F-8218-585CE5D60E81", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*", matchCriteriaId: "9B342307-98CF-45C9-9F08-5EB06C679B79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*", matchCriteriaId: "DC743EE4-8833-452A-94DB-655BF139F883", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "FE96A8EA-FFE3-4D8F-9266-21899149D634", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "C12A75C6-2D00-4202-B861-00FF71585FA0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*", matchCriteriaId: "70FF3DD4-14CB-435D-8529-0480EB853F60", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*", matchCriteriaId: "84429093-AB3C-4C05-B8FA-87D94091820F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*", matchCriteriaId: "4DCFA774-96EF-4018-82CF-95C807025C24", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "76022948-4B07-43CB-824C-44E1AB3537CB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "25446F60-5CB9-4923-BCE8-609AE3CFDFBC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*", matchCriteriaId: "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*", matchCriteriaId: "760E2418-B945-4467-BDAC-7702DDF4C4EE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*", matchCriteriaId: "98097AB6-56CB-42E4-96B4-ABBD4F36553C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s6:*:*:*:*:*:*", matchCriteriaId: "7844B380-7986-4B71-B1AE-22D46E5007D1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r2-s7:*:*:*:*:*:*", matchCriteriaId: "7EF24AFC-D359-4132-A133-1F6680F7BE46", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*", matchCriteriaId: "758275F3-9457-45A2-8F57-65DCD659FC1B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "B46CB928-78B5-4D60-B747-9A0988C7060D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0886EFA6-47E3-4C1D-A278-D3891A487FED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "A209EE6F-E676-4172-8FF3-4E03748DEB13", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "EC395200-9A69-468A-8461-D2219B34AA0E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "08584FCD-4593-4590-A988-C862295E618A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*", matchCriteriaId: "1BF7792C-51FF-4C6E-B5E7-F87738FE4B35", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:19.4:r3-s8:*:*:*:*:*:*", matchCriteriaId: "E69B0ED4-898D-4D7A-9711-8DB00EE3197B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*", matchCriteriaId: "D4CF52CF-F911-4615-9171-42F84429149F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", matchCriteriaId: "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "18DB9401-5A51-4BB3-AC2F-58F58F1C788C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", matchCriteriaId: "06F53DA5-59AE-403C-9B1E-41CE267D8BB1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", matchCriteriaId: "3332262F-81DA-4D78-99C9-514CADA46611", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "B46B63A2-1518-4A29-940C-F05624C9658D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "8E0D4959-3865-42A7-98CD-1103EBD84528", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", matchCriteriaId: "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", matchCriteriaId: "681AE183-7183-46E7-82EA-28C398FA1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "0A80F23B-CD13-4745-BA92-67C23B297A18", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "67D4004B-1233-4258-9C7A-F05189146B44", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "69E33F24-D480-4B5F-956D-D435A551CBE7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*", matchCriteriaId: "03009CC1-21AC-4A46-A747-D0C67FCD41DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", matchCriteriaId: "5C9BC697-C7C9-447D-9EBD-E9711462583E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "7B80433B-57B1-49EF-B1A1-83781D6102E3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "A352BB7A-6F17-4E64-BC02-1A7E4CD42653", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", matchCriteriaId: "05D8427C-CDDE-4B2F-9CB8-41B9137660E4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "F3DC01F2-6DFE-4A8E-9962-5E59AA965935", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", matchCriteriaId: "7DA0E196-925E-4056-B411-E158702D5D4F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E33A522F-E35C-4473-9CBD-9C6E5A831086", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "E9AE26EB-699B-4B10-87E2-9E731B820F32", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "A29E0070-47E9-43DD-9303-C732FE8CC851", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "A5E7E8D2-5D08-492E-84FC-8803E50F2CA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", matchCriteriaId: "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", matchCriteriaId: "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F462F4E3-762C-429F-8D25-5521100DD37C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", matchCriteriaId: "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "689FE1AE-7A85-4FB6-AB02-E732F23581B6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "79E56DAC-75AD-4C81-9835-634B40C15DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", matchCriteriaId: "A0040FE2-7ECD-4755-96CE-E899BA298E0C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "076AB086-BB79-4583-AAF7-A5233DFB2F95", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "72E2DDF6-01DF-4880-AB60-B3DA3281E88D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0C7C507E-C85E-4BC6-A3B0-549516BAB524", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", matchCriteriaId: "6514CDE8-35DC-469F-89A3-078684D18F7A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4624565D-8F59-44A8-B7A8-01AD579745E7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", matchCriteriaId: "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.", }, { lang: "es", value: "BIND versiones 9.11.0 posteriores a 9.11.36, versiones 9.12.0 posteriores a 9.16.26, versiones 9.17.0 posteriores a 9.18.0, Ediciones Preliminares Soportadas con BIND: versiones .11.4-S1 posteriores a 9.11.36-S1, versiones 9.16.8-S1 posteriores a 9.16.26-S1, también creemos que las versiones de BIND 9 anteriores a las mostradas - hasta la versión 9.1.0, incluyendo las ediciones preliminares soportadas - también están afectadas pero no han sido probadas ya que son EOL. La caché podría envenenarse con registros incorrectos, conllevando a una realización de consultas a servidores erróneos, lo que también podría resultar en que se devolviera información falsa a clientes", }, ], id: "CVE-2021-25220", lastModified: "2024-11-21T05:54:34.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4, source: "security-officer@isc.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2022-03-23T13:15:07.680", references: [ { source: "security-officer@isc.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "security-officer@isc.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://kb.isc.org/v1/docs/cve-2021-25220", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/", }, { source: "security-officer@isc.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { source: "security-officer@isc.org", url: "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://kb.isc.org/v1/docs/cve-2021-25220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220408-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US", }, ], sourceIdentifier: "security-officer@isc.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-10 12:15
Modified
2024-11-21 07:28
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones ", }, ], id: "CVE-2022-45092", lastModified: "2024-11-21T07:28:45.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-10T12:15:23.453", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-14 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "C542B052-1935-4F37-8843-461401EACDCB", versionEndExcluding: "18.5.0", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.", }, { lang: "es", value: "Se presenta una vulnerabilidad criptográfica en Node.js en linux en versiones 18.x anteriores a 18.40.0, que permitía una ruta por defecto para openssl.cnf que podría ser accesible en algunas circunstancias para un usuario no administrador en lugar de /etc/ssl como era el caso en las versiones anteriores a la actualización a OpenSSL 3", }, ], id: "CVE-2022-32222", lastModified: "2024-11-21T07:05:57.337", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-14T15:15:08.437", references: [ { source: "support@hackerone.com", tags: [ "Exploit", ], url: "https://hackerone.com/reports/1695596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://hackerone.com/reports/1695596", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-15 11:15
Modified
2024-11-21 05:22
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*", matchCriteriaId: "D51E96E4-8E0F-4B1D-ACAD-DB726036467F", versionEndExcluding: "4.17.21", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "0CF9A061-2421-426D-9854-0A4E55B2961D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F95EDC3D-54BB-48F9-82F2-7CCF335FCA78", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B72B735F-4E52-484A-9C2C-23E6E2070385", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8B36A1D4-F391-4EE3-9A65-0A10568795BA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "55116032-AAD1-4FEA-9DA8-2C4CBD3D3F61", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0275F820-40BE-47B8-B167-815A55DF578E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8C8E145E-1DF0-4B18-B625-F04DF71F6ACF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "EABAFD73-150F-4DFE-B721-29EB4475D979", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8A45D47B-3401-49CF-92EE-79D007D802A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6A8420D4-AAF1-44AA-BF28-48EE3ED310B9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "2FB80AC5-35F2-4703-AD93-416B46972EEB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "19DAAEFF-AB4A-4D0D-8C86-D2F2811B53B1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*", matchCriteriaId: "9E14324D-B9EE-4C06-ACC7-255189ED6300", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "CBEBB60F-6EAB-4AE5-B777-5044C657FBA8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B185C1EA-71E6-4972-8637-08A33CC00841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", matchCriteriaId: "EC7DB86F-3FAA-43C1-9C44-7CC5FB34419E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*", matchCriteriaId: "A67AA54B-258D-4D09-9ACB-4085E0B3E585", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "9C416FD3-2E2F-4BBC-BD5F-F896825883F4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D886339E-EDB2-4879-BD54-1800E4CA9CAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "348EEE70-E114-4720-AAAF-E77DE5C9A2D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3DCDD73B-57B1-4580-B922-5662E3AC13B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "55F091C7-0869-4FD6-AC73-DA697D990304", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4D134C60-F9E2-46C2-8466-DB90AD98439E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E6C9A32B-B776-4704-818D-977B4B20D677", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6989178B-A3D5-4441-A56C-6C639D4759DF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "D1298AA2-0103-4457-B260-F976B78468E7", versionEndExcluding: "9.2.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48", versionEndIncluding: "17.12.11", versionStartIncluding: "17.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "301E7158-9090-467C-B3B4-30A8DB3B395D", versionEndIncluding: "18.8.12", versionStartIncluding: "18.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "BBEFACB1-C8EA-492B-8F85-A564DB363C83", versionEndIncluding: "19.12.11", versionStartIncluding: "19.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792", versionEndIncluding: "20.12.7", versionStartIncluding: "20.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", }, { lang: "es", value: "Las versiones de Lodash anteriores a la 4.17.21 son vulnerables a la denegación de servicio por expresiones regulares (ReDoS) a través de las funciones toNumber, trim y trimEnd", }, ], id: "CVE-2020-28500", lastModified: "2024-11-21T05:22:55.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-15T11:15:12.397", references: [ { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "report@snyk.io", tags: [ "Broken Link", ], url: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lodash/lodash/pull/5065", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", }, { source: "report@snyk.io", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lodash/lodash/pull/5065", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210312-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 23:12
Severity ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-915275.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*", matchCriteriaId: "6B405F22-5517-49F5-A7CA-1E50D58DFC75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (todas las versiones < V1.0 SP2 Update 3). La aplicación afectada no valida correctamente la entrada enviada a endpoints específicos de su API web. Esto podría permitir que un atacante remoto autenticado con privilegios elevados en la aplicación ejecute código arbitrario en el sistema operativo subyacente.", }, ], id: "CVE-2024-46890", lastModified: "2024-11-13T23:12:39.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "productcert@siemens.com", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "HIGH", subConfidentialityImpact: "HIGH", subIntegrityImpact: "HIGH", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2024-11-12T13:15:09.463", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:31
Severity ?
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*", matchCriteriaId: "A6BEA71C-CA81-4B5D-A688-2B21E62DC351", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). El mecanismo de configuración de radio de los productos afectados no verifica correctamente los certificados cargados. Un administrador malintencionado podría cargar un certificado manipulado, lo que provocaría una condición de denegación de servicio o podría emitir comandos a nivel del sistema.", }, ], id: "CVE-2023-48428", lastModified: "2024-11-21T08:31:42.200", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2023-12-12T12:15:14.873", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-14 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| llhttp | llhttp | * | |
| llhttp | llhttp | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| debian | debian_linux | 11.0 | |
| stormshield | stormshield_management_center | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", matchCriteriaId: "C2150173-C986-4D63-AA7F-9618AA856F2C", versionEndExcluding: "2.1.5", vulnerable: true, }, { criteria: "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", matchCriteriaId: "FBB4A716-D0D0-4319-BAF0-7F012973330A", versionEndExcluding: "6.0.7", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "1D907C43-56F3-4FB8-8F20-C90C65EE5A08", versionEndExcluding: "14.20.1", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", versionEndIncluding: "16.12.0", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "09BD0FC2-5AA1-4A22-8432-A2EEA314FE09", versionEndExcluding: "16.17.1", versionStartIncluding: "16.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "DA8C00DD-A6E5-4E3D-8DD4-F4B51F5C208A", versionEndExcluding: "18.9.1", versionStartIncluding: "18.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", matchCriteriaId: "A334F7B4-7283-4453-BAED-D2E01B7F8A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "57CACB72-BAD7-41F6-9977-321DA7F79519", versionEndExcluding: "3.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).", }, { lang: "es", value: "El analizador llhttp anteriores a la versión v14.20.1, anteriores a la versión v16.17.1 y anteriores a la versión v18.9.1 del módulo http en Node.js no analiza y valida correctamente las cabeceras Transfer-Encoding y puede dar lugar a HTTP Request Smuggling (HRS)", }, ], id: "CVE-2022-32213", lastModified: "2024-11-21T07:05:56.257", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-14T15:15:08.287", references: [ { source: "support@hackerone.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "support@hackerone.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/1524555", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { source: "support@hackerone.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { source: "support@hackerone.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { source: "support@hackerone.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/1524555", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }