Search criteria
5 vulnerabilities by enphase
CVE-2024-21881 (GCVE-0-2024-21881)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x
Summary
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x
Severity ?
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"status": "affected",
"version": "4.x"
},
{
"status": "affected",
"version": "5.x"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T16:33:02.874377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T16:37:24.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.\u003cp\u003eThis issue affects Envoy: 4.x and 5.x\u003c/p\u003e"
}
],
"value": "Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:24.981Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21881"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-6"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21881",
"datePublished": "2024-08-10T17:44:48.033Z",
"dateReserved": "2024-01-02T18:30:11.175Z",
"dateUpdated": "2025-03-11T13:38:24.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32274 (GCVE-0-2023-32274)
Vulnerability from cvelistv5 – Published: 2023-06-20 19:38 – Updated: 2024-12-06 21:34
VLAI?
Title
Enphase Installer Toolkit Android App Use of Hard-coded Credentials
Summary
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
Severity ?
8.6 (High)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Enphase | Enphase Installer Toolkit |
Affected:
3.27.0
|
Credits
OBSWCY3F reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-02"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T21:34:27.327271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T21:34:38.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Enphase Installer Toolkit",
"vendor": "Enphase ",
"versions": [
{
"status": "affected",
"version": "3.27.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "OBSWCY3F reported this vulnerability to CISA."
}
],
"datePublic": "2023-06-20T19:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eEnphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.\u003c/p\u003e\u003cbr\u003e\n\n\u003cbr\u003e\n\n"
}
],
"value": "\n\n\n\n\nEnphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-20T19:38:42.467Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-02"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Enphase Installer Toolkit Android App Use of Hard-coded Credentials",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers of the affected product are encouraged to contact \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.enphase.com/s/contact-us\"\u003eEnphase Energy support\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;for additional information.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUsers of the affected product are encouraged to contact Enphase Energy support https://support.enphase.com/s/contact-us \u00a0for additional information.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-32274",
"datePublished": "2023-06-20T19:38:42.467Z",
"dateReserved": "2023-05-25T19:20:22.591Z",
"dateUpdated": "2024-12-06T21:34:38.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7678 (GCVE-0-2019-7678)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7678",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7677 (GCVE-0-2019-7677)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7677",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7676 (GCVE-0-2019-7676)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:27.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7676",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:27.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}