FKIE_CVE-2022-29281

Vulnerability from fkie_nvd - Published: 2022-04-15 21:15 - Updated: 2024-11-21 06:58
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths).
References
cve@mitre.orghttps://github.com/hmnthabit/Advisories/blob/master/CVE-2022-29281.mdThird Party Advisory
cve@mitre.orghttps://github.com/notable/notable-insiders/releases/tag/v1.9.0-beta.8Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/hmnthabit/Advisories/blob/master/CVE-2022-29281.mdThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/notable/notable-insiders/releases/tag/v1.9.0-beta.8Release Notes, Third Party Advisory
Impacted products
Vendor Product Version
notable notable *
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
notable notable 1.9.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:notable:notable:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85DC53E7-A45A-4579-8CA2-3F8A92B3D7BA",
              "versionEndExcluding": "1.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta0:*:*:*:*:*:*",
              "matchCriteriaId": "DCA9AAC3-CD35-46DD-8539-0636B3222D86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "FCE1DBC3-F629-4389-9EFD-8056013F296A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "9FC72F79-8403-4C7D-9EA5-12E3B022F5D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "6929FA0F-E63D-4BA8-825E-74C84B895A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "29CCD33C-A945-4BA3-A5CA-289A267F2A78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "E755A694-C0A2-4789-A4D1-8FE6C8BE9C66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "9F1E022C-2F80-43BA-9A7C-71EF5AA30AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:notable:notable:1.9.0:beta7:*:*:*:*:*:*",
              "matchCriteriaId": "5879D9AA-0BBF-4BC3-945D-23E2E9719C27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Notable before 1.9.0-beta.8 doesn\u0027t effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths)."
    },
    {
      "lang": "es",
      "value": "Notable versiones anteriores a 1.9.0-beta.8, no previene efectivamente la apertura de archivos ejecutables cuando hace clic en un enlace. Se presenta una comprobaci\u00f3n inapropiada el esquema URI del archivo. Un hiperv\u00ednculo a un recurso compartido SMB podr\u00eda conllevar a una ejecuci\u00f3n de un programa arbitrario (o el robo de credenciales NTLM por medio de un ataque de retransmisi\u00f3n SMB, ya que la aplicaci\u00f3n resuelve rutas UNC)"
    }
  ],
  "id": "CVE-2022-29281",
  "lastModified": "2024-11-21T06:58:51.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-15T21:15:08.090",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/hmnthabit/Advisories/blob/master/CVE-2022-29281.md"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/notable/notable-insiders/releases/tag/v1.9.0-beta.8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/hmnthabit/Advisories/blob/master/CVE-2022-29281.md"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/notable/notable-insiders/releases/tag/v1.9.0-beta.8"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.