CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CVE-2024-0098 (GCVE-0-2024-0098)
Vulnerability from cvelistv5 – Published: 2024-05-09 22:16 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure.
Severity
5.5 (Medium)
CWE
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:chatrtx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chatrtx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "0.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T16:52:43.964542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:05:55.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ChatRTX",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 0.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure."
}
],
"value": "NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T22:16:43.873Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0098",
"datePublished": "2024-05-09T22:16:43.873Z",
"dateReserved": "2023-12-02T00:42:07.968Z",
"dateUpdated": "2024-08-01T17:41:15.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0220 (GCVE-0-2024-0220)
Vulnerability from cvelistv5 – Published: 2024-02-22 10:15 – Updated: 2024-09-19 17:24
VLAI
Title
B&R products use insufficient communication encryption
Summary
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.
Severity
8.3 (High)
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation | Automation Studio |
Affected:
4.0 , < 4.6
(patch)
|
|
| B&R Industrial Automation | Technology Guarding |
Affected:
1.0.0 , < 1.4.0
(patch)
|
Date Public
2024-02-22 10:10
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "automation_studio",
"vendor": "br-automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T16:23:26.378691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:52:09.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Upgrade Service"
],
"product": "Automation Studio",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "4.6",
"status": "affected",
"version": "4.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Technology Guarding",
"vendor": "B\u0026R Industrial Automation",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "1.0.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-02-22T10:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "B\u0026amp;R Automation Studio Upgrade Service and B\u0026amp;R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.\n\n\u003cbr\u003e"
}
],
"value": "B\u0026R Automation Studio Upgrade Service and B\u0026R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1240",
"description": "CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T17:24:51.723Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P019_Automation_Studio_Upgrade_Service_uses_insufficient_encryption.pdf-1b3b181c.pdf"
}
],
"source": {
"advisory": "2023-P019",
"discovery": "INTERNAL"
},
"title": "B\u0026R products use insufficient communication encryption",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-0220",
"datePublished": "2024-02-22T10:15:44.750Z",
"dateReserved": "2024-01-03T15:46:41.224Z",
"dateUpdated": "2024-09-19T17:24:51.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0860 (GCVE-0-2024-0860)
Vulnerability from cvelistv5 – Published: 2024-03-14 20:54 – Updated: 2024-08-12 20:30
VLAI
Title
Cleartext Transmission of Sensitive Information in Softing edgeConnector and edgeAggregator
Summary
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Softing | edgeConnector |
Affected:
Version 3.60
|
|
| Softing | edgeAggregator |
Affected:
Version 3.60
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-13"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softing:edgeconnector:3.60:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "edgeconnector",
"vendor": "softing",
"versions": [
{
"status": "affected",
"version": "3.60"
}
]
},
{
"cpes": [
"cpe:2.3:a:softing:edgeaggregator:3.60:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "edgeaggregator",
"vendor": "softing",
"versions": [
{
"status": "affected",
"version": "3.60"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T16:34:23.355296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T20:30:17.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "edgeConnector",
"vendor": "Softing",
"versions": [
{
"status": "affected",
"version": "Version 3.60"
}
]
},
{
"defaultStatus": "unaffected",
"product": "edgeAggregator",
"vendor": "Softing",
"versions": [
{
"status": "affected",
"version": "Version 3.60"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pan ZhenPeng (@Peterpan0927) and Li JianTao (@CurseRed) of STAR Labs SG Pte. Ltd. (@starlabs_sg) working with Trend Micro Zero Day Initiative reported these vulnerabilities to CISA. Claroty Team82 working with Trend Micro Zero Day Initiative reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eThe affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nThe affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T20:54:56.710Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-13"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Softing edgeConnector and edgeAggregator to v3.70 or greater.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\nUpdate Softing edgeConnector and edgeAggregator to v3.70 or greater.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cleartext Transmission of Sensitive Information in Softing edgeConnector and edgeAggregator",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-0860",
"datePublished": "2024-03-14T20:54:56.710Z",
"dateReserved": "2024-01-24T15:13:18.203Z",
"dateUpdated": "2024-08-12T20:30:17.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10973 (GCVE-0-2024-10973)
Vulnerability from cvelistv5 – Published: 2024-12-17 22:59 – Updated: 2025-11-20 18:12
VLAI
Title
Keycloak: cli option for encrypted jgroups ignored
Summary
A vulnerability was found in Keycloak. The environment option `KC_CACHE_EMBEDDED_MTLS_ENABLED` does not work and the JGroups replication configuration is always used in plain text which can allow an attacker that has access to adjacent networks related to JGroups to read sensitive information.
Severity
5.7 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2024-10973 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2324361 | issue-trackingx_refsource_REDHAT |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Unaffected:
22.0 , < 23.0
(semver)
Unaffected: 24.0 , < 25.0 (semver) Unaffected: 26.0.6 , < * (semver) |
|||
| Red Hat | Red Hat Build of Keycloak |
cpe:/a:redhat:build_keycloak: |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
Date Public
2024-11-07 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10973",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T16:25:38.326417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T16:26:12.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/keycloak/keycloak",
"defaultStatus": "affected",
"packageName": "keycloak",
"versions": [
{
"lessThan": "23.0",
"status": "unaffected",
"version": "22.0",
"versionType": "semver"
},
{
"lessThan": "25.0",
"status": "unaffected",
"version": "24.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "26.0.6",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank philliphnguyen for reporting this issue."
}
],
"datePublic": "2024-11-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Keycloak. The environment option `KC_CACHE_EMBEDDED_MTLS_ENABLED` does not work and the JGroups replication configuration is always used in plain text which can allow an attacker that has access to adjacent networks related to JGroups to read sensitive information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:12:13.352Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-10973"
},
{
"name": "RHBZ#2324361",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324361"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-07T12:09:22.885Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-11-07T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Keycloak: cli option for encrypted jgroups ignored",
"x_redhatCweChain": "CWE-319: Cleartext Transmission of Sensitive Information"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-10973",
"datePublished": "2024-12-17T22:59:38.518Z",
"dateReserved": "2024-11-07T16:42:52.079Z",
"dateUpdated": "2025-11-20T18:12:13.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-11946 (GCVE-0-2024-11946)
Vulnerability from cvelistv5 – Published: 2024-12-30 20:12 – Updated: 2024-12-30 22:59
VLAI
Title
iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability
Summary
iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of firmware updates. The issue results from the use of an insecure protocol to deliver updates. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-25668.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.truenas.com/docs/core/13.0/gettingsta… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| iXsystems | TrueNAS CORE |
Affected:
13.3-RELEASE
|
Date Public
2024-12-20 01:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T22:58:53.294782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T22:59:36.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "TrueNAS CORE",
"vendor": "iXsystems",
"versions": [
{
"status": "affected",
"version": "13.3-RELEASE"
}
]
}
],
"dateAssigned": "2024-11-27T23:37:33.541Z",
"datePublic": "2024-12-20T01:15:47.308Z",
"descriptions": [
{
"lang": "en",
"value": "iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of firmware updates. The issue results from the use of an insecure protocol to deliver updates. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-25668."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T20:12:23.839Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1644",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1644/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.truenas.com/docs/core/13.0/gettingstarted/corereleasenotes/#130-u63"
}
],
"source": {
"lang": "en",
"value": "Daan Keuper, Thijs Alkemade and Khaled Nassar from Computest Sector 7"
},
"title": "iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-11946",
"datePublished": "2024-12-30T20:12:23.839Z",
"dateReserved": "2024-11-27T23:37:33.514Z",
"dateUpdated": "2024-12-30T22:59:36.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12378 (GCVE-0-2024-12378)
Vulnerability from cvelistv5 – Published: 2025-05-08 19:05 – Updated: 2025-05-08 19:18
VLAI
Title
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
Summary
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
Severity
9.1 (Critical)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Arista Networks | CloudVision Portal |
Affected:
4.32.0 , ≤ 4.32.2F
(custom)
Affected: 4.31.0 , ≤ 4.31.6M (custom) Affected: 4.30.0 , ≤ 4.30.8M (custom) Affected: 4.29.0 , ≤ 4.29.9M (custom) Affected: 4.28.0 , ≤ 4.28.12M (custom) Affected: 4.27.0 , ≤ 4.27.12M (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T19:16:38.893940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T19:18:27.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CloudVision Portal",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.32.2F",
"status": "affected",
"version": "4.32.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.31.6M",
"status": "affected",
"version": "4.31.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.30.8M",
"status": "affected",
"version": "4.30.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.29.9M",
"status": "affected",
"version": "4.29.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.28.12M",
"status": "affected",
"version": "4.28.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.12M",
"status": "affected",
"version": "4.27.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn order to be vulnerable to CVE-2024-12378, the following condition must be met:\u003c/p\u003e\u003cp\u003eSecure Vxlan must be configured.\u003c/p\u003e\u003cp\u003eThe output of \u201cshow ip security connection\u201d is empty if Secure Vxlan isn\u2019t configured.\u003c/p\u003e\u003cpre\u003eswitch\u0026gt; show ip security connection\nLegend: (P) policy based VPN tunnel\nTunnel \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Source \u0026nbsp; \u0026nbsp; Dest \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;Status \u0026nbsp; \u0026nbsp; \u0026nbsp; Uptime \u0026nbsp; \u0026nbsp; Input \u0026nbsp; \u0026nbsp;Output \u0026nbsp; \u0026nbsp; Rekey Time\nvxlansec-default-1.0.2.1 1.0.1.1 \u0026nbsp; 1.0.2.1 \u0026nbsp; \u003cb\u003eEstablished\u003c/b\u003e\u0026nbsp; 19 minutes 0 bytes \u0026nbsp;152 bytes \u0026nbsp;24 minutes\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 0 pkts \u0026nbsp; \u0026nbsp;2 pkts\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eA normal encrypted connection will show the status as \u201cestablished\u201d.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In order to be vulnerable to CVE-2024-12378, the following condition must be met:\n\nSecure Vxlan must be configured.\n\nThe output of \u201cshow ip security connection\u201d is empty if Secure Vxlan isn\u2019t configured.\n\nswitch\u003e show ip security connection\nLegend: (P) policy based VPN tunnel\nTunnel \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Source \u00a0 \u00a0 Dest \u00a0 \u00a0 \u00a0 \u00a0Status \u00a0 \u00a0 \u00a0 Uptime \u00a0 \u00a0 Input \u00a0 \u00a0Output \u00a0 \u00a0 Rekey Time\nvxlansec-default-1.0.2.1 1.0.1.1 \u00a0 1.0.2.1 \u00a0 Established\u00a0 19 minutes 0 bytes \u00a0152 bytes \u00a024 minutes\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 0 pkts \u00a0 \u00a02 pkts\n\n\n\u00a0\n\nA normal encrypted connection will show the status as \u201cestablished\u201d."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear."
}
],
"value": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear."
}
],
"impacts": [
{
"capecId": "CAPEC-679",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T19:05:22.320Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21289-security-advisory-0113"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eCVE-2024-12378 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.33.0F and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.3M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.7M and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.9M and later releases in the 4.30.x train\u003c/li\u003e\u003cli\u003e4.29.10M and later releases in the 4.29.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\u00a0\n\nCVE-2024-12378 has been fixed in the following releases:\n\n * 4.33.0F and later releases in the 4.33.x train\n * 4.32.3M and later releases in the 4.32.x train\n * 4.31.7M and later releases in the 4.31.x train\n * 4.30.9M and later releases in the 4.30.x train\n * 4.29.10M and later releases in the 4.29.x train"
}
],
"source": {
"advisory": "113",
"defect": [
"BUG 997526"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe workaround is to remove and re-apply security profiles for each secure VTEP.\u003c/p\u003e\u003cpre\u003eswitch\u0026gt; show vxlan security profile\nVTEP \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Security Profile\n------------- ----------------\n1.0.2.1 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; p1\nswitch\u0026gt; en\nswitch# config\nswitch(config)# interface vxlan 1\nswitch(config-if-Vx1)# no vxlan vtep 1.0.2.1 ip security profile p1\nswitch(config-if-Vx1)# vxlan vtep 1.0.2.1 ip security profile p1\u003c/pre\u003e\u003cbr\u003e"
}
],
"value": "The workaround is to remove and re-apply security profiles for each secure VTEP.\n\nswitch\u003e show vxlan security profile\nVTEP \u00a0 \u00a0 \u00a0 \u00a0 Security Profile\n------------- ----------------\n1.0.2.1 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 p1\nswitch\u003e en\nswitch# config\nswitch(config)# interface vxlan 1\nswitch(config-if-Vx1)# no vxlan vtep 1.0.2.1 ip security profile p1\nswitch(config-if-Vx1)# vxlan vtep 1.0.2.1 ip security profile p1"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-12378",
"datePublished": "2025-05-08T19:05:22.320Z",
"dateReserved": "2024-12-09T18:19:27.219Z",
"dateUpdated": "2025-05-08T19:18:27.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13872 (GCVE-0-2024-13872)
Vulnerability from cvelistv5 – Published: 2025-03-12 11:47 – Updated: 2025-03-12 14:09 Unsupported When Assigned
VLAI
Title
Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so
Summary
Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Bitdefender | BOX v1 |
Affected:
1.3.11.490 , < 1.3.11.505
(custom)
|
Date Public
2025-03-01 10:47
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T14:04:03.269492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T14:09:37.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BOX v1",
"vendor": "Bitdefender",
"versions": [
{
"lessThan": "1.3.11.505",
"status": "affected",
"version": "1.3.11.490",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alan Cao"
}
],
"datePublic": "2025-03-01T10:47:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eBitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device.\u003c/div\u003e"
}
],
"value": "Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T11:47:46.419Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/support/security-advisories/insecure-update-mechanism-vulnerability-in-libboxhermes-so-in-bitdefender-box-v1"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An automatic update to version 1.3.11.505 fixes the issue."
}
],
"value": "An automatic update to version 1.3.11.505 fixes the issue."
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2024-13872",
"datePublished": "2025-03-12T11:47:46.419Z",
"dateReserved": "2025-02-13T17:36:46.927Z",
"dateUpdated": "2025-03-12T14:09:37.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1657 (GCVE-0-2024-1657)
Vulnerability from cvelistv5 – Published: 2024-04-25 16:28 – Updated: 2026-02-25 19:31
VLAI
Title
Platform: insecure websocket used when interacting with eda server
Summary
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system.
Severity
8.1 (High)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:1057 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-1657 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2265085 | issue-trackingx_refsource_REDHAT |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 2.4
(semver)
|
|||
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
Unaffected:
0:2.4-6.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
Unaffected:
0:1.0.5-1.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
Unaffected:
0:1.0.5-1.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 9 |
Unaffected:
0:2.4-6.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 9 |
Unaffected:
0:1.0.5-1.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 9 |
Unaffected:
0:1.0.5-1.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 |
Date Public
2024-02-29 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:57:21.450537Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T19:57:40.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:48:21.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:1057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1057"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-1657"
},
{
"name": "RHBZ#2265085",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/ansible/ansible",
"defaultStatus": "unaffected",
"packageName": "ansible",
"versions": [
{
"lessThan": "2.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-installer",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4-6.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-rulebook",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.5-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "automation-eda-controller",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.5-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-installer",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4-6.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-rulebook",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.5-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "automation-eda-controller",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.5-1.el9ap",
"versionType": "rpm"
}
]
}
],
"datePublic": "2024-02-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T19:31:00.784Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:1057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1057"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-1657"
},
{
"name": "RHBZ#2265085",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-20T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-02-29T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Platform: insecure websocket used when interacting with eda server",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-319: Cleartext Transmission of Sensitive Information"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-1657",
"datePublished": "2024-04-25T16:28:38.094Z",
"dateReserved": "2024-02-20T09:47:30.627Z",
"dateUpdated": "2026-02-25T19:31:00.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-21406 (GCVE-0-2024-21406)
Vulnerability from cvelistv5 – Published: 2024-02-13 18:02 – Updated: 2025-05-08 15:40
VLAI
Title
Windows Printing Service Spoofing Vulnerability
Summary
Windows Printing Service Spoofing Vulnerability
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
22 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.5458
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.5458
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.5458
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.5458
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.2322
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.2777
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.4046
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.3155
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.4046
(custom)
|
|
| Microsoft | Windows 11 version 22H3 |
Affected:
10.0.22631.0 , < 10.0.22631.3155
(custom)
|
|
| Microsoft | Windows 11 Version 23H2 |
Affected:
10.0.22631.0 , < 10.0.22631.3155
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.709
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.20469
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.6709
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.6709
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.6709
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26961
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26961
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24710
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24710
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.21813
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.21813
(custom)
|
Date Public
2024-02-13 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Printing Service Spoofing Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21406"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-13T19:24:40.484205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T15:40:28.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5458",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5458",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5458",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5458",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.2322",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.2777",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.4046",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.3155",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.4046",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.3155",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.3155",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.709",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.20469",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6709",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6709",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6709",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26961",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26961",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24710",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24710",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21813",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21813",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.5458",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.5458",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5458",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5458",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2322",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2777",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.4046",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.3155",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.4046",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.3155",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.3155",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.709",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20469",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6709",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6709",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6709",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26961",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26961",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24710",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24710",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21813",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21813",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-02-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Printing Service Spoofing Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T01:37:44.793Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Printing Service Spoofing Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21406"
}
],
"title": "Windows Printing Service Spoofing Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-21406",
"datePublished": "2024-02-13T18:02:47.978Z",
"dateReserved": "2023-12-08T22:45:21.299Z",
"dateUpdated": "2025-05-08T15:40:28.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25960 (GCVE-0-2024-25960)
Vulnerability from cvelistv5 – Published: 2024-03-28 18:13 – Updated: 2024-08-12 20:17
VLAI
Summary
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
Severity
7.3 (High)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022336… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale OneFS |
Affected:
8.2.2 , ≤ 9.3.0.0
(semver)
Affected: 9.4.0.0 , ≤ 9.4.0.16 (semver) Affected: 9.5.0.0 , ≤ 9.5.0.7 (semver) Affected: 9.6.1.0 , ≤ 9.7.0.1 (semver) |
Date Public
2024-03-28 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:powerscale_onefs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "powerscale_onefs",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "9.3.0.0",
"status": "affected",
"version": "8.2.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.4.0.16",
"status": "affected",
"version": "9.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.5.0.7",
"status": "affected",
"version": "9.5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.7.0.1",
"status": "affected",
"version": "9.6.1.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T20:12:52.564587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T20:17:22.524Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "9.3.0.0",
"status": "affected",
"version": "8.2.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.4.0.16",
"status": "affected",
"version": "9.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.5.0.7",
"status": "affected",
"version": "9.5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.7.0.1",
"status": "affected",
"version": "9.6.1.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-03-28T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges."
}
],
"value": "Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T18:13:30.210Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-25960",
"datePublished": "2024-03-28T18:13:30.210Z",
"dateReserved": "2024-02-13T05:32:19.480Z",
"dateUpdated": "2024-08-12T20:17:22.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Before transmitting, encrypt the data using reliable, confidentiality-protecting cryptographic protocols.
Mitigation
Phase: Implementation
Description:
- When using web applications with SSL, use SSL for the entire session from login to logout, not just for the initial login page.
Mitigation
Phase: Implementation
Description:
- When designing hardware platforms, ensure that approved encryption algorithms (such as those recommended by NIST) protect paths from security critical data to trusted user applications.
Mitigation
Phase: Testing
Description:
- Use tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session. These may be more effective than strictly automated techniques. This is especially the case with weaknesses that are related to design and business rules.
Mitigation
Phase: Operation
Description:
- Configure servers to use encrypted channels for communication, which may include SSL or other secure protocols.
CAPEC-102: Session Sidejacking
Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.
CAPEC-117: Interception
An adversary monitors data streams to or from the target for information gathering purposes. This attack may be undertaken to solely gather sensitive information or to support a further attack against the target. This attack pattern can involve sniffing network traffic as well as other types of data streams (e.g. radio). The adversary can attempt to initiate the establishment of a data stream or passively observe the communications as they unfold. In all variants of this attack, the adversary is not the intended recipient of the data stream. In contrast to other means of gathering information (e.g., targeting data leaks), the adversary must actively position themself so as to observe explicit data channels (e.g. network traffic) and read the content. However, this attack differs from a Adversary-In-the-Middle (CAPEC-94) attack, as the adversary does not alter the content of the communications nor forward data to the intended recipient.
CAPEC-383: Harvesting Information via API Event Monitoring
An adversary hosts an event within an application framework and then monitors the data exchanged during the course of the event for the purpose of harvesting any important data leaked during the transactions. One example could be harvesting lists of usernames or userIDs for the purpose of sending spam messages to those users. One example of this type of attack involves the adversary creating an event within the sub-application. Assume the adversary hosts a "virtual sale" of rare items. As other users enter the event, the attacker records via AiTM (CAPEC-94) proxy the user_ids and usernames of everyone who attends. The adversary would then be able to spam those users within the application using an automated script.
CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.
CAPEC-65: Sniff Application Code
An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.