Common Weakness Enumeration

CWE-1287

Allowed

Improper Validation of Specified Type of Input

Abstraction: Base · Status: Incomplete

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

259 vulnerabilities reference this CWE, most recent first.

CVE-2024-8058 (GCVE-0-2024-8058)

Vulnerability from cvelistv5 – Published: 2024-12-16 17:04 – Updated: 2025-08-27 21:43
VLAI
Summary
An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Vendor Product Version
Lenovo FileZ Client Affected: 0 , < 9.8.6.0 (custom)
Create a notification for this product.
Credits
Lenovo thanks HisJane for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.6,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-8058",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-16T17:16:37.213832Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T21:43:06.241Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FileZ Client",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "9.8.6.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lenovo thanks HisJane for reporting this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading.\u003c/span\u003e"
            }
          ],
          "value": "An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-16T17:04:30.539Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://www.filez.com/securityPolicy/1.html?1733849740"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eUpdate FileZ client to version 9.8.6.0 or later.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Update FileZ client to version 9.8.6.0 or later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2024-8058",
    "datePublished": "2024-12-16T17:04:30.539Z",
    "dateReserved": "2024-08-21T18:19:03.178Z",
    "dateUpdated": "2025-08-27T21:43:06.241Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6858 (GCVE-0-2024-6858)

Vulnerability from cvelistv5 – Published: 2026-06-04 21:51 – Updated: 2026-06-05 20:13
VLAI
Title
In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.
Summary
In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper validation of specified type of input
Assigner
Impacted products
Vendor Product Version
Arista Networks EOS Affected: 4.31.0 , ≤ 4.31.1F (custom)
Affected: 4.30.0 , ≤ 4.30.5M (custom)
Affected: 4.29.0 , ≤ 4.29.7M (custom)
Affected: 4.28.10 , ≤ 4.28.10.1M (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-6858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-05T20:13:55.762154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-05T20:13:59.275Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "720D Series",
            "720XP/722XPM Series",
            "750X Series",
            "7010 Series",
            "7010X Series",
            "7020R Series",
            "7130 Series running EOS",
            "7150 Series",
            "7160 Series",
            "7170 Series",
            "7050X/X2/X3/X4 Series",
            "7060X/X2/X4/X5/X6 Series",
            "7250X Series",
            "7260X/X3 Series",
            "7280E/R/R2/R3 Series",
            "7300X/X3 Series",
            "7320X Series",
            "7358X4 Series",
            "7368X4 Series",
            "7388X5 Series",
            "7500E/R/R2/R3 Series",
            "7800R3 Series"
          ],
          "product": "EOS",
          "vendor": "Arista Networks",
          "versions": [
            {
              "lessThanOrEqual": "4.31.1F",
              "status": "affected",
              "version": "4.31.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.30.5M",
              "status": "affected",
              "version": "4.30.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.29.7M",
              "status": "affected",
              "version": "4.29.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.28.10.1M",
              "status": "affected",
              "version": "4.28.10",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIn order to be vulnerable to CVE-2024-6858, the following conditions must be met:\u003c/p\u003e\u003cp\u003e(1) dot1x should be configured on port as authenticator and port-control is auto mode and hostMode is multi-host. Please note the default host-mode is multi-host.\u003c/p\u003e\u003cpre\u003eswitch(config-if-et1)#show active\ninterface Ethernet1\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x pae authenticator\u003cbr\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x port-control auto\u003cbr\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x host-mode multi-host\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cp\u003eAND\u003cbr\u003e(2) Fallback VLAN should be configured on port. Fallback VLAN can be configured in any of the following ways listed below;\u003c/p\u003e\u003cp\u003e(2-a) Global Configuration for unresponsive VLAN.\u003c/p\u003e\u003cpre\u003eswitch(config-dot1x)#show active\ndot1x\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;aaa unresponsive action traffic allow vlan \u0026lt;vlan-id\u0026gt;\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n   \nOR\n   \nswitch(config-dot1x)#show active\ndot1x\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;aaa unresponsive action traffic allow\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eOR\u003cbr\u003e(2-b) Global Configuration for unresponsive phone VLAN.\u003c/div\u003e\u003cpre\u003eswitch(config-dot1x)#show active\ndot1x\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;aaa unresponsive phone action traffic allow\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eOR\u003cbr\u003e(2-c) Global Configuration for guest VLAN.\u003c/div\u003e\u003cpre\u003eswitch(config-dot1x)#show active\ndot1x\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;eapol unresponsive action traffic allow vlan \u0026lt;vlan-id\u0026gt;\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eOR\u003cbr\u003e(2-d) Authentication failure VLAN configured on port.\u003c/div\u003e\u003cpre\u003eswitch(config-if-et1)#show active\ninterface Ethernet1\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x authentication failure action traffic allow vlan \u0026lt;vlan_id\u0026gt;\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eOR\u003cbr\u003e(2-e) Unresponsive VLAN configured on port.\u003c/div\u003e\u003cpre\u003eswitch(config-if-et1)#show active\ninterface Ethernet1\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x aaa unresponsive action traffic allow vlan \u0026lt;vlan_id\u0026gt;\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eOR\u003cbr\u003e(2-f) Unresponsive phone VLAN configured on port.\u003c/div\u003e\u003cpre\u003eswitch(config-if-et1)#show active\ninterface Ethernet1\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\n\u0026nbsp;\u0026nbsp;\u0026nbsp;dot1x aaa unresponsive phone action traffic allow\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u2026\u2026\u2026\u2026\u003c/pre\u003e"
            }
          ],
          "value": "In order to be vulnerable to CVE-2024-6858, the following conditions must be met:\n\n\n\n(1) dot1x should be configured on port as authenticator and port-control is auto mode and hostMode is multi-host. Please note the default host-mode is multi-host.\n\n\n\nswitch(config-if-et1)#show active\ninterface Ethernet1\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0dot1x pae authenticator\n\n\u00a0\u00a0\u00a0dot1x port-control auto\n\n\u00a0\u00a0\u00a0dot1x host-mode multi-host\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\n\nAND\n(2) Fallback VLAN should be configured on port. Fallback VLAN can be configured in any of the following ways listed below;\n\n\n\n(2-a) Global Configuration for unresponsive VLAN.\n\n\n\nswitch(config-dot1x)#show active\ndot1x\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0aaa unresponsive action traffic allow vlan \u003cvlan-id\u003e\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n   \nOR\n   \nswitch(config-dot1x)#show active\ndot1x\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0aaa unresponsive action traffic allow\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\u00a0\n\nOR\n(2-b) Global Configuration for unresponsive phone VLAN.\n\n\n\nswitch(config-dot1x)#show active\ndot1x\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0aaa unresponsive phone action traffic allow\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\u00a0\n\nOR\n(2-c) Global Configuration for guest VLAN.\n\n\n\nswitch(config-dot1x)#show active\ndot1x\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0eapol unresponsive action traffic allow vlan \u003cvlan-id\u003e\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\u00a0\n\nOR\n(2-d) Authentication failure VLAN configured on port.\n\n\n\nswitch(config-if-et1)#show active\ninterface Ethernet1\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0dot1x authentication failure action traffic allow vlan \u003cvlan_id\u003e\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\u00a0\n\nOR\n(2-e) Unresponsive VLAN configured on port.\n\n\n\nswitch(config-if-et1)#show active\ninterface Ethernet1\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0dot1x aaa unresponsive action traffic allow vlan \u003cvlan_id\u003e\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\n\n\u00a0\n\nOR\n(2-f) Unresponsive phone VLAN configured on port.\n\n\n\nswitch(config-if-et1)#show active\ninterface Ethernet1\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026\n\u00a0\u00a0\u00a0dot1x aaa unresponsive phone action traffic allow\n\u00a0\u00a0\u00a0\u2026\u2026\u2026\u2026"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Arista\u2019s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN."
            }
          ],
          "value": "In Arista\u2019s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper validation of specified type of input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-04T21:51:08.709Z",
        "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
        "shortName": "Arista"
      },
      "references": [
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19917-security-advisory-0103"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see\u0026nbsp;\u003ca href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\" target=\"_blank\" rel=\"noopener noreferrer\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2024-6858 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.31.2F and later releases in the 4.31.x train.\u003c/li\u003e\u003cli\u003e4.30.6M and later releases in the 4.30.x train.\u003c/li\u003e\u003cli\u003e4.29.8M and later releases in the 4.29.x train.\u003c/li\u003e\u003cli\u003e4.28.11M and later releases in the 4.28.x train.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see\u00a0 EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2024-6858 has been fixed in the following releases:\n\n  *  4.31.2F and later releases in the 4.31.x train.\n  *  4.30.6M and later releases in the 4.30.x train.\n  *  4.29.8M and later releases in the 4.29.x train.\n  *  4.28.11M and later releases in the 4.28.x train."
        }
      ],
      "source": {
        "advisory": "103",
        "defect": [
          "BUG 828435"
        ],
        "discovery": "INTERNAL"
      },
      "title": "In Arista\u2019s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis vulnerability arises when there is an EAPOL supplicant in any of the fallback VLAN\u2019s ( i.e. auth-fail, unresponsive VLAN ). If only unauthenticated EAPOL supplicants are expected the admin can change dot1x host-mode to single-host as indicated below.\u003c/p\u003e\u003cpre\u003eswitch(config-if-et1)#dot1x host-mode single-host\n\u003c/pre\u003e\u003cul\u003e\u003cli\u003eDot1x Host Mode\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eSingle Host Mode: Please note when once the 802.1X supplicant is authenticated on the port, ONLY the traffic coming from the supplicant\u0027s MAC is allowed through the port.\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eMulti-Host Mode: Once the 802.1X supplicant is authenticated on the port, traffic coming from ANY source MAC is allowed through the port.\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eMulti-Host authenticated Mode: Multiple 802.1X supplicants can be allowed and ONLY the traffic coming from all authenticated supplicant\u2019s MAC is allowed through the port.\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "This vulnerability arises when there is an EAPOL supplicant in any of the fallback VLAN\u2019s ( i.e. auth-fail, unresponsive VLAN ). If only unauthenticated EAPOL supplicants are expected the admin can change dot1x host-mode to single-host as indicated below.\n\n\n\nswitch(config-if-et1)#dot1x host-mode single-host\n\n\n  *  Dot1x Host Mode\n  *  \n\nSingle Host Mode: Please note when once the 802.1X supplicant is authenticated on the port, ONLY the traffic coming from the supplicant\u0027s MAC is allowed through the port.\n\n\n  *  \n\nMulti-Host Mode: Once the 802.1X supplicant is authenticated on the port, traffic coming from ANY source MAC is allowed through the port.\n\n\n  *  \n\nMulti-Host authenticated Mode: Multiple 802.1X supplicants can be allowed and ONLY the traffic coming from all authenticated supplicant\u2019s MAC is allowed through the port."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
    "assignerShortName": "Arista",
    "cveId": "CVE-2024-6858",
    "datePublished": "2026-06-04T21:51:08.709Z",
    "dateReserved": "2024-07-17T20:13:57.799Z",
    "dateUpdated": "2026-06-05T20:13:59.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-6298 (GCVE-0-2024-6298)

Vulnerability from cvelistv5 – Published: 2024-07-05 11:06 – Updated: 2024-12-05 12:16
VLAI
Title
remote code execution
Summary
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
ABB
Impacted products
Vendor Product Version
ABB ASPECT-Enterprise Affected: 0 , ≤ 3.08.01 (custom)
Create a notification for this product.
ABB NEXUS Series Affected: 0 , ≤ 3.08.01 (custom)
Create a notification for this product.
ABB MATRIX Series Affected: 0 , ≤ 3.08.01 (custom)
Create a notification for this product.
abb aspect-ent-2_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb aspect-ent-96_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-2128-a_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-2128-a_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-2128-f_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-2128-f_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-2128_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-2128-g_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-2128-g_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-264-a_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-264-a_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-264-f_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-264-f_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-264_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-264-g_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-264-g_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-3-2128_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb nexus-3-264_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb matrix-11_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb matrix-216_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb matrix-232_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb matrix-264_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb aspect-ent-12_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb aspect-ent-256_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
abb matrix-296_firmware Affected: 0 , < 3.08.01 (custom)
    cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "aspect-ent-2_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "aspect-ent-96_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-2128-a_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-2128-a_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-2128-f_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-2128-f_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-2128_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-2128-g_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-2128-g_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-264-a_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-264-a_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-264-f_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-264-f_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-264_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-264-g_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nexus-264-g_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-3-2128_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "nexus-3-264_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "matrix-11_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "matrix-216_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "matrix-232_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "matrix-264_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "aspect-ent-12_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "aspect-ent-256_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "matrix-296_firmware",
            "vendor": "abb",
            "versions": [
              {
                "lessThan": "3.08.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6298",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-05T17:05:07.391904Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:24:03.161Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:05.210Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.39956449.23035250.1719878527-141379670.1701144964"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "ASPECT-Enterprise",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.01",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "NEXUS Series",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.01",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "MATRIX Series",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.01",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series\n\n v3.08.01\n\n; MATRIX Series \n\n v3.08.01 allows Attacker to execute arbitrary code remotely\u0026nbsp;"
            }
          ],
          "value": "Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series\n\n v3.08.01\n\n; MATRIX Series \n\n v3.08.01 allows Attacker to execute arbitrary code remotely"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-253",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-253 Remote Code Inclusion"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "IRRECOVERABLE",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:I/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-05T12:16:19.488Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "remote code execution",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2024-6298",
    "datePublished": "2024-07-05T11:06:35.066Z",
    "dateReserved": "2024-06-25T06:38:32.703Z",
    "dateUpdated": "2024-12-05T12:16:19.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5594 (GCVE-0-2024-5594)

Vulnerability from cvelistv5 – Published: 2025-01-06 13:52 – Updated: 2025-11-03 20:48
VLAI
Summary
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Vendor Product Version
OpenVPN OpenVPN Affected: 0 , < 2.6.11 (patch)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-5594",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T16:56:30.416711Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-08T20:40:13.684Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:48:53.705Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenVPN",
          "vendor": "OpenVPN",
          "versions": [
            {
              "lessThan": "2.6.11",
              "status": "affected",
              "version": "0",
              "versionType": "patch"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-02T21:00:17.688Z",
        "orgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e",
        "shortName": "OpenVPN"
      },
      "references": [
        {
          "url": "https://community.openvpn.net/openvpn/wiki/CVE-2024-5594"
        },
        {
          "url": "https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e",
    "assignerShortName": "OpenVPN",
    "cveId": "CVE-2024-5594",
    "datePublished": "2025-01-06T13:52:20.272Z",
    "dateReserved": "2024-06-03T08:46:40.371Z",
    "dateUpdated": "2025-11-03T20:48:53.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-4879 (GCVE-0-2024-4879)

Vulnerability from cvelistv5 – Published: 2024-07-10 16:16 – Updated: 2025-10-21 22:55
VLAI
Title
Jelly Template Injection Vulnerability in ServiceNow UI Macros
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
SN
Impacted products
Vendor Product Version
ServiceNow Now Platform Affected: 0 , < Utah Patch 10 Hot Fix 3 (custom)
Affected: 0 , < Utah Patch 10a Hot Fix 2 (custom)
Affected: 0 , < Vancouver Patch 6 Hot Fix 2 (custom)
Affected: 0 , < Vancouver Patch 7 Hot Fix 3b (custom)
Affected: 0 , < Vancouver Patch 8 Hot Fix 4 (custom)
Affected: 0 , < Vancouver Patch 9 (custom)
Affected: 0 , < Vancouver Patch 10 (custom)
Affected: 0 , < Washington DC Patch 1 Hot Fix 2b (custom)
Affected: 0 , < Washington DC Patch 2 Hot Fix 2 (custom)
Affected: 0 , < Washington DC Patch 3 Hot Fix 1 (custom)
Affected: 0 , < Washington DC Patch 4 (custom)
Create a notification for this product.
servicenow servicenow Affected: 0 , < utah_patch_10_hot_fix_3 (custom)
Affected: 0 , < utah_patch_10a_hot_fix_2 (custom)
Affected: 0 , < vancouver_patch_6_hot_fix_2 (custom)
Affected: 0 , < vancouver_patch_7_hot_fix_3b (custom)
Affected: 0 , < vancouver_patch_8_hot_fix_4 (custom)
Affected: 0 , < vancouver_patch_9 (custom)
Affected: 0 , < vancouver_patch_10 (custom)
Affected: 0 , < washington_dc_patch_1_hot_fix_2b (custom)
Affected: 0 , < washington_dc_patch_2_hot_fix_2 (custom)
Affected: 0 , < washington_dc_patch_3_hot_fix_1 (custom)
Affected: 0 , < washington_dc_patch_4 (custom)
    cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Adam Kues Assetnote Attack Surface Management
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "servicenow",
            "vendor": "servicenow",
            "versions": [
              {
                "lessThan": "utah_patch_10_hot_fix_3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "utah_patch_10a_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_6_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_7_hot_fix_3b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_8_hot_fix_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "vancouver_patch_10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_1_hot_fix_2b",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_2_hot_fix_2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_3_hot_fix_1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "washington_dc_patch_4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4879",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T18:58:02.257329Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-07-29",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:49.702Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-07-29T00:00:00.000Z",
            "value": "CVE-2024-4879 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:55:10.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
          },
          {
            "tags": [
              "x_login-required",
              "x_transferred"
            ],
            "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Now Platform",
          "vendor": "ServiceNow",
          "versions": [
            {
              "lessThan": "Utah Patch 10 Hot Fix 3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Utah Patch 10a Hot Fix 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Vancouver Patch 6 Hot Fix 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Vancouver Patch 7 Hot Fix 3b",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Vancouver Patch 8 Hot Fix 4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Vancouver Patch 9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Vancouver Patch 10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Washington DC Patch 1 Hot Fix 2b",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Washington DC Patch 2 Hot Fix 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Washington DC Patch 3 Hot Fix 1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "Washington DC Patch 4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Adam Kues"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Assetnote Attack Surface Management"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u003c/span\u003e\u0026nbsp;\u003c/span\u003eServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003cdiv\u003e\u003c/div\u003e"
            }
          ],
          "value": "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-29T22:28:49.374Z",
        "orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
        "shortName": "SN"
      },
      "references": [
        {
          "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
        },
        {
          "tags": [
            "x_login-required"
          ],
          "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
        },
        {
          "url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Jelly Template Injection Vulnerability in ServiceNow UI Macros",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
    "assignerShortName": "SN",
    "cveId": "CVE-2024-4879",
    "datePublished": "2024-07-10T16:16:39.926Z",
    "dateReserved": "2024-05-14T17:39:41.655Z",
    "dateUpdated": "2025-10-21T22:55:49.702Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2105 (GCVE-0-2024-2105)

Vulnerability from cvelistv5 – Published: 2025-12-10 13:01 – Updated: 2025-12-10 15:49
VLAI
Title
JBL: Improper validation of ICM field in connection requests
Summary
An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Credits
Mattar Bernhard from Hummus Sec
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2105",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-10T15:49:43.543497Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-10T15:49:54.790Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Flip 5",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Flip 6",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Pulse 4",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Pulse 5",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Boombox 2",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Boombox 3",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Xtreme 3",
          "vendor": "JBL",
          "versions": [
            {
              "status": "affected",
              "version": "*"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Mattar Bernhard from Hummus Sec"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices."
            }
          ],
          "value": "An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-10T13:01:54.421Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://harman.csaf-tp.certvde.com/.well-known/csaf/white/2025/hbsa-2025-0002.json"
        },
        {
          "url": "https://certvde.com/en/advisories/VDE-2025-089"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "JBL: Improper validation of ICM field in connection requests",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2024-2105",
    "datePublished": "2025-12-10T13:01:54.421Z",
    "dateReserved": "2024-03-01T16:45:43.784Z",
    "dateUpdated": "2025-12-10T15:49:54.790Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-1578 (GCVE-0-2024-1578)

Vulnerability from cvelistv5 – Published: 2024-09-16 06:59 – Updated: 2024-09-16 14:33 X_Nt_Ware X_Rf_Ideas X_Third_Party X_Canon_Emea
VLAI
Title
Multiple MiCard PLUS card reader dropped characters
Summary
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the ‘ID card self-registration’ function.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
Date Public
2024-09-16 06:59
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nt-ware:micard_plus_ci:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "micard_plus_ci",
            "vendor": "nt-ware",
            "versions": [
              {
                "status": "affected",
                "version": "0.1.0.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nt-ware:micard_plus_ble:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "micard_plus_ble",
            "vendor": "nt-ware",
            "versions": [
              {
                "status": "affected",
                "version": "0.1.0.4"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-1578",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-16T14:25:22.510204Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-16T14:33:10.067Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "RDR-80031BKU-NT-20"
          ],
          "product": "MiCard PLUS Ci",
          "vendor": "Rebranded by NT-ware (originally developed and provided by rf IDEAS)",
          "versions": [
            {
              "status": "affected",
              "version": "0.1.0.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "modules": [
            "RDR-30531EKU-NT-20"
          ],
          "product": "MiCard PLUS BLE",
          "vendor": "Rebranded by NT-ware (originally developed and provided by rf IDEAS)",
          "versions": [
            {
              "status": "affected",
              "version": "0.1.0.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-09-16T06:59:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the \u2018ID card self-registration\u2019 function."
            }
          ],
          "value": "The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the \u2018ID card self-registration\u2019 function."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Not applicable"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "PHYSICAL",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-16T06:59:35.306Z",
        "orgId": "4586e0a2-224d-4f8a-9cb4-8882b208c0b3",
        "shortName": "Canon_EMEA"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "mitigation"
          ],
          "url": "https://ntware.atlassian.net/wiki/spaces/SA/pages/11973853216/2024+Security+Advisory+Multiple+MiCard+PLUS+card+reader+dropped+characters"
        },
        {
          "tags": [
            "vendor-advisory",
            "mitigation"
          ],
          "url": "https://www.canon-europe.com/psirt/advisory-information"
        }
      ],
      "source": {
        "discovery": "USER"
      },
      "tags": [
        "x_nt_ware",
        "x_rf_ideas",
        "x_third_party",
        "x_canon_emea"
      ],
      "title": "Multiple MiCard PLUS card reader dropped characters",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4586e0a2-224d-4f8a-9cb4-8882b208c0b3",
    "assignerShortName": "Canon_EMEA",
    "cveId": "CVE-2024-1578",
    "datePublished": "2024-09-16T06:59:35.306Z",
    "dateReserved": "2024-02-16T10:45:13.818Z",
    "dateUpdated": "2024-09-16T14:33:10.067Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47727 (GCVE-0-2023-47727)

Vulnerability from cvelistv5 – Published: 2024-05-02 14:43 – Updated: 2024-08-02 21:16
VLAI
Title
IBM QRadar Suite Software file manipulation
Summary
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
ibm
Impacted products
Vendor Product Version
IBM Cloud Pak for Security Affected: 1.10.0.0 , ≤ 1.10.11.0 (semver)
Create a notification for this product.
IBM QRadar Suite Software Affected: 1.10.12.0 , ≤ 1.10.20.0 (semver)
Create a notification for this product.
ibm cloud_pak_for_security Affected: 1.10.0.0 , ≤ 1.10.11.0 (custom)
    cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*
Create a notification for this product.
ibm qradar_suite Affected: 1.10.12.0 , ≤ 1.10.20.0 (custom)
    cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Vincent Dragnea
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_pak_for_security",
            "vendor": "ibm",
            "versions": [
              {
                "lessThanOrEqual": "1.10.11.0",
                "status": "affected",
                "version": "1.10.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qradar_suite",
            "vendor": "ibm",
            "versions": [
              {
                "lessThanOrEqual": "1.10.20.0 ",
                "status": "affected",
                "version": "1.10.12.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47727",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-02T17:29:07.533265Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:26:38.542Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:16:43.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/7149968"
          },
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272089"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Pak for Security",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.10.11.0",
              "status": "affected",
              "version": "1.10.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QRadar Suite Software",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.10.20.0",
              "status": "affected",
              "version": "1.10.12.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vincent Dragnea"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation.  IBM X-Force ID:  272089."
            }
          ],
          "value": "IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation.  IBM X-Force ID:  272089."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-02T14:43:57.748Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.ibm.com/support/pages/node/7149968"
        },
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272089"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM QRadar Suite Software file manipulation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2023-47727",
    "datePublished": "2024-05-02T14:43:57.748Z",
    "dateReserved": "2023-11-09T11:31:22.401Z",
    "dateUpdated": "2024-08-02T21:16:43.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47726 (GCVE-0-2023-47726)

Vulnerability from cvelistv5 – Published: 2024-06-18 13:40 – Updated: 2024-08-02 21:16
VLAI
Title
IBM QRadar Suite improper input validation
Summary
IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
ibm
Impacted products
Vendor Product Version
IBM QRadar Suite Software Affected: 1.10.12.0 , ≤ 1.10.21.0 (semver)
    cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_suite:1.10.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:cloud_pak_for_security:1.10.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:cloud_pak_for_security:1.10.21.0:*:*:*:*:*:*:*
Create a notification for this product.
IBM Cloud Pak for Security Affected: 1.10.12.0 , ≤ 1.10.21.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47726",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T20:31:06.948638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T20:31:26.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:16:43.641Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://https://www.ibm.com/support/pages/node/7157750"
          },
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:qradar_suite:1.10.21.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.21.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "QRadar Suite Software",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.10.21.0",
              "status": "affected",
              "version": "1.10.12.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Pak for Security",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.10.21.0",
              "status": "affected",
              "version": "1.10.12.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation.  IBM X-Force ID:  272087."
            }
          ],
          "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation.  IBM X-Force ID:  272087."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-18T13:40:39.683Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://https://www.ibm.com/support/pages/node/7157750"
        },
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM QRadar Suite improper input validation",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2023-47726",
    "datePublished": "2024-06-18T13:40:39.683Z",
    "dateReserved": "2023-11-09T11:31:22.401Z",
    "dateUpdated": "2024-08-02T21:16:43.641Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32651 (GCVE-0-2023-32651)

Vulnerability from cvelistv5 – Published: 2024-02-14 13:37 – Updated: 2024-08-14 18:39
VLAI
Summary
Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • denial of service
  • CWE-1287 - Improper validation of specified type of input
Assigner
Impacted products
Vendor Product Version
n/a Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software Affected: before version 22.240
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:36.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32651",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-14T18:38:37.285018Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-14T18:39:09.688Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 22.240"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en"
            },
            {
              "cweId": "CWE-1287",
              "description": "Improper validation of specified type of input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T13:37:58.475Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-32651",
    "datePublished": "2024-02-14T13:37:58.475Z",
    "dateReserved": "2023-06-15T03:00:04.926Z",
    "dateUpdated": "2024-08-14T18:39:09.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

No CAPEC attack patterns related to this CWE.