CVE-2024-8073 (GCVE-0-2024-8073)

Vulnerability from cvelistv5 – Published: 2024-08-26 02:19 – Updated: 2024-08-27 19:00
Title
Command Injection Vulnerability in Hillstone Networks Web Application Firewall
Summary
Improper Input Validation vulnerability in Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection. This issue affects Hillstone Networks Web Application Firewall from 5.5R6-2.6.7 through 5.5R6-2.8.13. Both the CNA and NVD rate it CVSS 3.1 9.8 CRITICAL (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H): reachable over the network with no privileges and no user interaction, with total impact on confidentiality, integrity and availability. The fix is 5.5R6-2.8.14 or later; where that cannot be applied promptly, the vendor advises configuring a "Trusted Host Access" policy to restrict which hosts may reach the device. CISA's SSVC assessment at publication: Exploitation none, Automatable no, Technical Impact total.
CWE
  • CWE-20 - Improper Input Validation (CNA, secondary in NVD)
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') (NVD primary)
Assigner
  • Hillstone (CNA, orgId 2b565742-f273-46f9-b583-07c1fcdea31a); vulnrichment by CISA-ADP
Impacted products
  • Hillstone Networks Web Application Firewall, platform 5.5R6: builds 2.6.7 through 2.8.13 are affected; other versions default to unaffected; fixed in 5.5R6-2.8.14
  • NVD's configuration lists only the two endpoint CPEs (cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7 and 5.5r6-2.8.13), so CPE-exact matching misses intermediate builds; use the CNA's range when matching inventory
Reference
  • Vendor advisory: https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/
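The affected range is expressed twice in the record: the CNA container lists platform 5.5R6 with custom-typed build versions 2.6.7 through 2.8.13 (everything else defaults to unaffected), while the CISA ADP container folds the platform into the string and writes the lower bound as 5.5r6-2.6.7 with a lower-case r. Matching inventory against the record therefore needs a comparison that treats those spellings as the same range and orders build 2.8.9 before 2.8.13, which a plain string comparison gets wrong. The Python below is an added example for this page, not Hillstone's code or a feature of vulnerability-lookup; the version grammar `<major>.<minor>R<release>-<a>.<b>.<c>` is an assumption inferred from the strings in this record.

```python
"""Triage a Hillstone WAF firmware version against the affected range in
the CVE-2024-8073 record.

Added example for this page; not Hillstone's code and not a
vulnerability-lookup feature.  Range values are copied from the CNA
"affected" block; the version grammar <major>.<minor>R<release>-<a>.<b>.<c>
is an assumption inferred from the strings on this page.
"""
import re
from dataclasses import dataclass

# Copied from the CNA container: platform "5.5R6", custom-typed build
# versions 2.6.7 <= v <= 2.8.13 affected, everything else "unaffected".
PLATFORM = "5.5R6"
FIRST_AFFECTED = "2.6.7"
LAST_AFFECTED = "2.8.13"
FIXED_BUILD = "2.8.14"          # from the record's "solutions" entry

# Case-insensitive so the ADP's "5.5r6-2.6.7" and the CNA's "5.5R6" agree.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)r(\d+)-(\d+)\.(\d+)\.(\d+)$", re.IGNORECASE)


@dataclass(frozen=True)
class HillstoneVersion:
    platform: tuple   # (5, 5, 6) for "5.5R6"
    build: tuple      # (2, 8, 13) for "2.8.13"; tuples compare numerically


def parse_version(text: str) -> HillstoneVersion:
    """Parse "5.5R6-2.8.13" into numeric tuples; reject anything else."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised Hillstone version string: {text!r}")
    n = tuple(int(g) for g in m.groups())
    return HillstoneVersion(platform=n[:3], build=n[3:])


def _build(text: str) -> tuple:
    return tuple(int(p) for p in text.split("."))


def is_affected(version_text: str) -> bool:
    """True when the device version falls inside the CNA's affected range.

    Versions on another platform branch, below 2.6.7, or at or after the
    fixed build 2.8.14 take the record's defaultStatus of "unaffected"."""
    v = parse_version(version_text)
    if v.platform != parse_version(f"{PLATFORM}-0.0.0").platform:
        return False
    return _build(FIRST_AFFECTED) <= v.build <= _build(LAST_AFFECTED)


def triage(version_text: str) -> str:
    """One-line disposition for an inventory row."""
    if is_affected(version_text):
        return (f"AFFECTED by CVE-2024-8073: upgrade to {PLATFORM}-{FIXED_BUILD} "
                f"or later; until then apply a Trusted Host Access policy")
    return "not in the affected range of CVE-2024-8073"


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    for v in ("5.5R6-2.6.7", "5.5r6-2.8.13", "5.5R6-2.8.14", "5.5R6-2.8.9"):
        print(f"{v:14} {triage(v)}")
```

The numeric tuples matter: compared as strings, "2.8.9" sorts after "2.8.13" and a device on 5.5R6-2.8.9 would be reported clean. Strings that do not match the assumed grammar raise rather than silently returning "not affected", so an inventory with an unexpected version format fails loudly.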

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "web_application_firewall",
            "vendor": "hillstonenet",
            "versions": [
              {
                "lessThanOrEqual": "5.5R6-2.8.13",
                "status": "affected",
                "version": "5.5r6-2.6.7",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8073",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-27T18:44:24.297231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-27T19:00:27.959Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "5.5R6"
          ],
          "product": "Hillstone Networks Web Application Firewall",
          "vendor": "Hillstone Networks",
          "versions": [
            {
              "lessThanOrEqual": "2.8.13",
              "status": "affected",
              "version": "2.6.7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-08-26T00:53:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.\u003cp\u003eThis issue affects Hillstone Networks Web Application Firewall: from\u0026nbsp;5.5R6-2.6.7 through 5.5R6-2.8.13.\u003c/p\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from\u00a05.5R6-2.6.7 through 5.5R6-2.8.13."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-26T02:19:48.164Z",
        "orgId": "2b565742-f273-46f9-b583-07c1fcdea31a",
        "shortName": "Hillstone"
      },
      "references": [
        {
          "url": "https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade the WAF device to version 5.5R6-2.8.14 or higher.\u0026nbsp;\u003cbr\u003e"
            }
          ],
          "value": "Upgrade the WAF device to version 5.5R6-2.8.14 or higher."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Command Injection Vulnerability in Hillstone Networks Web Application Firewall",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "If an upgrade is not feasible in the short term, we advise mitigating the risk by configuring a \"Trusted Host Access\" policy.\n\n\u003cbr\u003e"
            }
          ],
          "value": "If an upgrade is not feasible in the short term, we advise mitigating the risk by configuring a \"Trusted Host Access\" policy."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b565742-f273-46f9-b583-07c1fcdea31a",
    "assignerShortName": "Hillstone",
    "cveId": "CVE-2024-8073",
    "datePublished": "2024-08-26T02:19:48.164Z",
    "dateReserved": "2024-08-22T09:28:58.926Z",
    "dateUpdated": "2024-08-27T19:00:27.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-8073\",\"sourceIdentifier\":\"sec@hillstonenet.com\",\"published\":\"2024-08-26T03:15:03.607\",\"lastModified\":\"2024-09-12T20:58:56.413\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from\u00a05.5R6-2.6.7 through 5.5R6-2.8.13.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de validaci\u00f3n de entrada incorrecta en Hillstone Networks Hillstone Networks Web Application Firewall en 5.5R6 permite la inyecci\u00f3n de comandos. Este problema afecta al Hillstone Networks Web Application Firewall: desde 5.5R6-2.6.7 hasta 5.5R6-2.8.13.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sec@hillstonenet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"sec@hillstonenet.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF3CECA-26DB-40A3-9F4D-833C78E474B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.8.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56D2A09B-714B-49EF-8CC3-34EDCE9B230A\"}]}]}],\"references\":[{\"url\":\"https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/\",\"source\":\"sec@hillstonenet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8073\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T18:44:24.297231Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7:*:*:*:*:*:*:*\"], \"vendor\": \"hillstonenet\", \"product\": \"web_application_firewall\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.5r6-2.6.7\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.5R6-2.8.13\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T19:00:11.715Z\"}}], \"cna\": {\"title\": \"Command Injection Vulnerability in Hillstone Networks Web Application Firewall\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-248\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-248 Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Hillstone Networks\", \"product\": \"Hillstone Networks Web Application Firewall\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.7\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.8.13\"}], \"platforms\": [\"5.5R6\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade the WAF device to version 5.5R6-2.8.14 or higher.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Upgrade the WAF device to version 5.5R6-2.8.14 or higher.\u0026nbsp;\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-08-26T00:53:00.000Z\", \"references\": [{\"url\": \"https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"If an upgrade is not feasible in the short term, we advise mitigating the risk by configuring a \\\"Trusted Host Access\\\" policy.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"If an upgrade is not feasible in the short term, we advise mitigating the risk by configuring a \\\"Trusted Host Access\\\" policy.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from\\u00a05.5R6-2.6.7 through 5.5R6-2.8.13.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.\u003cp\u003eThis issue affects Hillstone Networks Web Application Firewall: from\u0026nbsp;5.5R6-2.6.7 through 5.5R6-2.8.13.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"2b565742-f273-46f9-b583-07c1fcdea31a\", \"shortName\": \"Hillstone\", \"dateUpdated\": \"2024-08-26T02:19:48.164Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-8073\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-27T19:00:27.959Z\", \"dateReserved\": \"2024-08-22T09:28:58.926Z\", \"assignerOrgId\": \"2b565742-f273-46f9-b583-07c1fcdea31a\", \"datePublished\": \"2024-08-26T02:19:48.164Z\", \"assignerShortName\": \"Hillstone\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}
