CWE-23
Relative Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
CVE-2024-3497 (GCVE-0-2024-3497)
Vulnerability from cvelistv5 – Published: 2024-06-14 04:17 – Updated: 2024-08-01 20:12
VLAI
Title
Directory Traversal Remote Code Execution Vulnerability
Summary
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference URL.
Severity
8.8 (High)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Affected:
see the reference URL
|
Date Public
2024-06-14 02:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2521_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2020_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2520_nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2021_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2525_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3025_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3525_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3525_acg",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-4525_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-5525_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-5525_acg",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6525_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6525_acg",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2528-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3028-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3528-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3528-ag",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-4528-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-4528-ag",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-5528-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6528-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6526-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6527-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-7527-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-6529-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-7529-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-9029-a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-330-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-400-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2010-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2110-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2510-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2610-ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2015-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2515-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2615-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3015-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3115-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3515-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3615-nc",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-4515_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-4615_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-5015_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-5115_ac",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2018_a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2518_a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-2618_a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3018_a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3118_a",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-3118_ag",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3497",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T16:45:32.781620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T19:56:02.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.toshibatec.com/information/20240531_01.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Toshiba Tec e-Studio multi-function peripheral (MFP)",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "see the reference URL"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If user authentication is disabled.\u003cbr\u003e"
}
],
"value": "If user authentication is disabled."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products."
}
],
"datePublic": "2024-06-14T02:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference URL."
}
],
"value": "Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference URL."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e"
}
],
"value": "We are not aware of any malicious exploitation by these vulnerabilities."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T04:17:56.164Z",
"orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0",
"shortName": "Toshiba"
},
"references": [
{
"url": "https://www.toshibatec.com/information/20240531_01.html"
},
{
"url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in the version released on June 14, 2024 and all later versions."
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-14T02:00:00.000Z",
"value": "Fixes will be released"
}
],
"title": "Directory Traversal Remote Code Execution Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e"
}
],
"value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0",
"assignerShortName": "Toshiba",
"cveId": "CVE-2024-3497",
"datePublished": "2024-06-14T04:17:56.164Z",
"dateReserved": "2024-04-09T00:59:38.974Z",
"dateUpdated": "2024-08-01T20:12:07.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35186 (GCVE-0-2024-35186)
Vulnerability from cvelistv5 – Published: 2024-05-23 08:55 – Updated: 2024-08-02 03:07
VLAI
Title
gix traversal outside working tree enables arbitrary code execution
Summary
gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files outside a working tree without attempting to execute code can directly impact integrity as well. This vulnerability has been patched in version(s) 0.36.0.
Severity
8.8 (High)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Byron/gitoxide/security/adviso… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:byron:gitoxide:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gitoxide",
"vendor": "byron",
"versions": [
{
"lessThan": "0.36.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35186",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:34:38.737689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:34:36.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:07:46.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gitoxide",
"vendor": "Byron",
"versions": [
{
"status": "affected",
"version": "\u003c 0.36.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files outside a working tree without attempting to execute code can directly impact integrity as well. This vulnerability has been patched in version(s) 0.36.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-23T08:55:20.653Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c"
}
],
"source": {
"advisory": "GHSA-7w47-3wg8-547c",
"discovery": "UNKNOWN"
},
"title": "gix traversal outside working tree enables arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-35186",
"datePublished": "2024-05-23T08:55:20.653Z",
"dateReserved": "2024-05-10T14:24:24.340Z",
"dateUpdated": "2024-08-02T03:07:46.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35274 (GCVE-0-2024-35274)
Vulnerability from cvelistv5 – Published: 2024-11-12 18:53 – Updated: 2024-11-12 19:59
VLAI
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read write administrative privileges to create non-arbitrary files on a chosen directory via crafted CLI requests.
Severity
CWE
- CWE-23 - Improper access control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiAnalyzer |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.8 (semver) Affected: 7.0.0 , ≤ 7.0.13 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) Affected: 6.2.0 , ≤ 6.2.13 (semver) cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.8 (semver) Affected: 7.0.0 , ≤ 7.0.13 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) Affected: 6.2.0 , ≤ 6.2.13 (semver) cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T19:55:03.516906Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T19:59:39.467Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read write administrative privileges to create non-arbitrary files on a chosen directory via crafted CLI requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:53:56.277Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-179",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-179"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiAnalyzer-BigData version 7.4.1 or above \nPlease upgrade to FortiAnalyzer version 7.4.3 or above \nPlease upgrade to FortiManager version 7.4.3 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-35274",
"datePublished": "2024-11-12T18:53:56.277Z",
"dateReserved": "2024-05-14T21:15:19.188Z",
"dateUpdated": "2024-11-12T19:59:39.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37138 (GCVE-0-2024-37138)
Vulnerability from cvelistv5 – Published: 2024-06-26 03:24 – Updated: 2024-08-02 03:50
VLAI
Summary
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system.
Severity
4.1 (Medium)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022614… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerProtect DD |
Affected:
7.0 , ≤ 7.13
(semver)
Affected: 7.8 , ≤ 7.13 (semver) |
Date Public
2024-06-24 06:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T17:35:32.470798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T17:42:52.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerProtect DD",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "7.13",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13",
"status": "affected",
"version": "7.8",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-06-24T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system."
}
],
"value": "Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T03:24:40.504Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-37138",
"datePublished": "2024-06-26T03:24:40.504Z",
"dateReserved": "2024-06-03T12:10:32.206Z",
"dateUpdated": "2024-08-02T03:50:55.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38258 (GCVE-0-2024-38258)
Vulnerability from cvelistv5 – Published: 2024-09-10 16:54 – Updated: 2024-12-31 23:03
VLAI
Title
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
Summary
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
Severity
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.6293
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.6293
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.2700
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.1128
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.7336
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.7336
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.27320
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.27320
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.25073
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.25073
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.22175
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.22175
(custom)
|
Date Public
2024-09-10 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:58:34.746016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T19:08:58.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6293",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6293",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.2700",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.1128",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7336",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7336",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27320",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27320",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25073",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25073",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22175",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22175",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2700",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1128",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27320",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27320",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25073",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25073",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22175",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22175",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Remote Desktop Licensing Service Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:13.925Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Remote Desktop Licensing Service Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38258"
}
],
"title": "Windows Remote Desktop Licensing Service Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38258",
"datePublished": "2024-09-10T16:54:07.486Z",
"dateReserved": "2024-06-11T22:36:08.235Z",
"dateUpdated": "2024-12-31T23:03:13.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40588 (GCVE-0-2024-40588)
Vulnerability from cvelistv5 – Published: 2025-08-12 18:59 – Updated: 2026-01-14 09:17
VLAI
Summary
Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.
Severity
CWE
- CWE-23 - Improper access control
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiCamera |
Affected:
2.1.0 , ≤ 2.1.4
(semver)
Affected: 2.0.0 Affected: 1.1.0 , ≤ 1.1.5 (semver) Affected: 1.0.3 , ≤ 1.0.5 (semver) cpe:2.3:a:fortinet:forticamera:2.1.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:2.1.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:2.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:2.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:2.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:2.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:forticamera:1.0.3:*:*:*:*:*:*:* |
|
| Fortinet | FortiNDR |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.1.0 , ≤ 7.1.1 (semver) Affected: 7.0.0 , ≤ 7.0.7 (semver) cpe:2.3:a:fortinet:fortindr:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiMail |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.3 (semver) Affected: 7.2.0 , ≤ 7.2.9 (semver) Affected: 7.0.0 , ≤ 7.0.9 (semver) Affected: 6.4.0 , ≤ 6.4.8 (semver) cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiRecorder |
Affected:
7.2.0 , ≤ 7.2.1
(semver)
Affected: 7.0.0 , ≤ 7.0.4 (semver) Affected: 6.4.0 , ≤ 6.4.6 (semver) cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiVoice |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 6.4.0 , ≤ 6.4.9 (semver) Affected: 6.0.0 , ≤ 6.0.12 (semver) cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T19:38:50.113803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T19:39:38.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:forticamera:2.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:2.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:2.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:2.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:2.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:forticamera:1.0.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiCamera",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "2.1.4",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"lessThanOrEqual": "1.1.5",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.5",
"status": "affected",
"version": "1.0.3",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortindr:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiNDR",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.1.1",
"status": "affected",
"version": "7.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiMail",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.8",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiRecorder",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiVoice",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.12",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:11.543Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-309",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-309"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiCamera version 2.0.1 or above\nUpgrade to FortiNDR version 7.6.2 or above\nUpgrade to FortiNDR version 7.4.7 or above\nUpgrade to FortiMail version 7.6.2 or above\nUpgrade to FortiMail version 7.4.4 or above\nUpgrade to FortiRecorder version 7.2.2 or above\nUpgrade to FortiRecorder version 7.0.5 or above\nUpgrade to FortiFone version 3.0.24 or above\nUpgrade to FortiVoice version 7.2.0 or above\nUpgrade to FortiVoice version 7.0.5 or above\nUpgrade to FortiVoice version 6.4.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-40588",
"datePublished": "2025-08-12T18:59:11.807Z",
"dateReserved": "2024-07-05T11:55:50.010Z",
"dateUpdated": "2026-01-14T09:17:11.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-4330 (GCVE-0-2024-4330)
Vulnerability from cvelistv5 – Published: 2024-05-30 14:43 – Updated: 2024-08-01 20:40
VLAI
Title
Path Traversal in parisneo/lollms-webui
Summary
A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. The vulnerability arises due to improper handling of user-supplied input in the 'list_personalities' endpoint. By crafting a malicious HTTP request, an attacker can traverse the directory structure and view the contents of any folder, albeit limited to subfolder names only. This issue was demonstrated via a specific HTTP request that manipulated the 'category' parameter to access arbitrary directories. The vulnerability is present in the code located at the 'endpoints/lollms_advanced.py' file.
Severity
4 (Medium)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| parisneo | parisneo/lollms-webui |
Affected:
unspecified , ≤ latest
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:parisneo:lollms-webui:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lollms-webui",
"vendor": "parisneo",
"versions": [
{
"lessThanOrEqual": "9.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4330",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T18:42:17.703046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T17:42:04.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:46.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/154a78d5-3960-4fc6-8666-f982b5e70ed7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "parisneo/lollms-webui",
"vendor": "parisneo",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. The vulnerability arises due to improper handling of user-supplied input in the \u0027list_personalities\u0027 endpoint. By crafting a malicious HTTP request, an attacker can traverse the directory structure and view the contents of any folder, albeit limited to subfolder names only. This issue was demonstrated via a specific HTTP request that manipulated the \u0027category\u0027 parameter to access arbitrary directories. The vulnerability is present in the code located at the \u0027endpoints/lollms_advanced.py\u0027 file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-30T14:43:40.842Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/154a78d5-3960-4fc6-8666-f982b5e70ed7"
}
],
"source": {
"advisory": "154a78d5-3960-4fc6-8666-f982b5e70ed7",
"discovery": "EXTERNAL"
},
"title": "Path Traversal in parisneo/lollms-webui"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-4330",
"datePublished": "2024-05-30T14:43:40.842Z",
"dateReserved": "2024-04-29T20:38:41.247Z",
"dateUpdated": "2024-08-01T20:40:46.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43399 (GCVE-0-2024-43399)
Vulnerability from cvelistv5 – Published: 2024-08-19 14:44 – Updated: 2024-08-19 15:27
VLAI
Title
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
Summary
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. This vulnerability is fixed in 4.0.7.
Severity
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/MobSF/Mobile-Security-Framewor… | x_refsource_CONFIRM |
| https://github.com/MobSF/Mobile-Security-Framewor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MobSF | Mobile-Security-Framework-MobSF |
Affected:
< 4.0.7
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mobsf:mobile_security_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mobile_security_framework",
"vendor": "mobsf",
"versions": [
{
"lessThan": "4.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43399",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T15:23:58.694432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T15:27:04.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Mobile-Security-Framework-MobSF",
"vendor": "MobSF",
"versions": [
{
"status": "affected",
"version": "\u003c 4.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. This vulnerability is fixed in 4.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T14:44:47.180Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j"
},
{
"name": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/cc625fe8430f3437a473e82aa2966d100a4dc883",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/cc625fe8430f3437a473e82aa2966d100a4dc883"
}
],
"source": {
"advisory": "GHSA-4hh3-vj32-gr6j",
"discovery": "UNKNOWN"
},
"title": "Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43399",
"datePublished": "2024-08-19T14:44:47.180Z",
"dateReserved": "2024-08-12T18:02:04.965Z",
"dateUpdated": "2024-08-19T15:27:04.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43454 (GCVE-0-2024-43454)
Vulnerability from cvelistv5 – Published: 2024-09-10 16:54 – Updated: 2024-12-31 23:03
VLAI
Title
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Summary
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Severity
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.6293
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.6293
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.2700
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.1128
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.7336
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.7336
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22870
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.27320
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.27320
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.25073
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.25073
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.22175
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.22175
(custom)
|
Date Public
2024-09-10 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:16:53.383268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:33:48.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6293",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6293",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.2700",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.1128",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7336",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7336",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22870",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27320",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27320",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25073",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25073",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22175",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22175",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2700",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1128",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.22870",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27320",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27320",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25073",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25073",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22175",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22175",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:17.833Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43454"
}
],
"title": "Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43454",
"datePublished": "2024-09-10T16:54:11.790Z",
"dateReserved": "2024-08-14T01:08:33.515Z",
"dateUpdated": "2024-12-31T23:03:17.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43614 (GCVE-0-2024-43614)
Vulnerability from cvelistv5 – Published: 2024-10-08 17:36 – Updated: 2025-07-08 15:39
VLAI
Title
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
Summary
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.
Severity
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Defender for Endpoint for Linux |
Affected:
101.0.0 , < 101.24052.0002
(custom)
|
Date Public
2024-10-08 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43614",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:34:19.602647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:23:32.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Defender for Endpoint for Linux",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "101.24052.0002",
"status": "affected",
"version": "101.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:defender_for_endpoint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "101.24052.0002",
"versionStartIncluding": "101.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-10-08T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T15:39:40.310Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Defender for Endpoint for Linux Spoofing Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43614"
}
],
"title": "Microsoft Defender for Endpoint for Linux Spoofing Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43614",
"datePublished": "2024-10-08T17:36:18.291Z",
"dateReserved": "2024-08-14T01:08:33.553Z",
"dateUpdated": "2025-07-08T15:39:40.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-5.1
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation ID: MIT-20.1
Phase: Implementation
Strategy: Input Validation
Description:
- Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
- Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links (CWE-23, CWE-59). This includes:
- realpath() in C
- getCanonicalPath() in Java
- GetFullPath() in ASP.NET
- realpath() or abs_path() in Perl
- realpath() in PHP
Mitigation ID: MIT-29
Phase: Operation
Strategy: Firewall
Description:
- Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-139: Relative Path Traversal
An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.