Common Weakness Enumeration

CWE-250

Allowed

Execution with Unnecessary Privileges

Abstraction: Base · Status: Draft

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

575 vulnerabilities reference this CWE, most recent first.

CVE-2024-3498 (GCVE-0-2024-3498)

Vulnerability from cvelistv5 – Published: 2024-06-14 04:20 – Updated: 2024-08-01 20:12
VLAI
Title
Incorrect Permission Assignment Privilege Escalation Vulnerability
Summary
Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Impacted products
Vendor Product Version
Toshiba Tec Corporation Toshiba Tec e-Studio multi-function peripheral (MFP) Affected: see the reference URL
Create a notification for this product.
toshibatec e-studio-2521_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2020_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2520_nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2021_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2525_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3025_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3525_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3525_acg Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-4525_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-5525_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-5525_acg Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6525_ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6525_acg Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2528-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3028-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3528-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3528-ag Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-4528-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-4528-ag Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-5528-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6528-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6526-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6527-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-7527-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-6529-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-7529-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-9029-a Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-330-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-400-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2010-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2110-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2510-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2610-ac Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2015-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2515-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-2615-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3015-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3115-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3515-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
toshibatec e-studio-3615-nc Affected: 0 , ≤ * (custom)
    cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-06-14 02:00
Credits
We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2521_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2020_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2520_nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2021_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2525_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3025_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3525_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3525_acg",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-4525_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-5525_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-5525_acg",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6525_ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6525_acg",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2528-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3028-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3528-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3528-ag",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-4528-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-4528-ag",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-5528-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6528-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6526-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6527-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-7527-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-6529-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-7529-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-9029-a",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-330-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-400-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2010-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2110-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2510-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2610-ac",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2015-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2515-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-2615-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3015-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3115-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3515-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "e-studio-3615-nc",
            "vendor": "toshibatec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3498",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-14T16:34:42.877802Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-14T16:48:56.007Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:07.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.toshibatec.com/information/20240531_01.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)",
          "vendor": "Toshiba Tec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "see the reference URL"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "If user authentication is disabled.\u003cbr\u003e"
            }
          ],
          "value": "If user authentication is disabled."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products."
        }
      ],
      "datePublic": "2024-06-14T02:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL."
            }
          ],
          "value": "Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e"
            }
          ],
          "value": "We are not aware of any malicious exploitation by these vulnerabilities."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T04:20:01.103Z",
        "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0",
        "shortName": "Toshiba"
      },
      "references": [
        {
          "url": "https://www.toshibatec.com/information/20240531_01.html"
        },
        {
          "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in the version released on June 14, 2024 and all later versions."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-14T02:00:00.000Z",
          "value": "Fixes will be released"
        }
      ],
      "title": "Incorrect Permission Assignment Privilege Escalation Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e"
            }
          ],
          "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0",
    "assignerShortName": "Toshiba",
    "cveId": "CVE-2024-3498",
    "datePublished": "2024-06-14T04:20:01.103Z",
    "dateReserved": "2024-04-09T00:59:41.285Z",
    "dateUpdated": "2024-08-01T20:12:07.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2240 (GCVE-0-2024-2240)

Vulnerability from cvelistv5 – Published: 2025-02-14 04:53 – Updated: 2025-02-14 15:28
VLAI
Title
Docker implementation in Brocade SANnav is missing Audit Rules.
Summary
Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Impacted products
Vendor Product Version
Brocade Brocade SANnav Affected: Brocade SANnav before 2.3.1b
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2240",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-14T15:28:40.451022Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-14T15:28:53.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Brocade SANnav",
          "vendor": "Brocade",
          "versions": [
            {
              "status": "affected",
              "version": "Brocade SANnav before 2.3.1b"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.\n\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-122",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-122: Privilege Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-14T04:53:11.643Z",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25401"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Docker implementation in Brocade SANnav is missing Audit Rules.",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2024-2240",
    "datePublished": "2025-02-14T04:53:11.643Z",
    "dateReserved": "2024-03-06T21:10:53.411Z",
    "dateUpdated": "2025-02-14T15:28:53.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1222 (GCVE-0-2024-1222)

Vulnerability from cvelistv5 – Published: 2024-03-14 03:03 – Updated: 2024-09-26 03:50
VLAI
Title
Incorrect authorization controls in PaperCut NG/MF APIs
Summary
This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Impacted products
Vendor Product Version
PaperCut PaperCut NG, PaperCut MF Affected: 0 , < 23.0.7 (custom)
Affected: 0 , < 22.1.5 (custom)
Affected: 0 , < 21.2.14 (custom)
Affected: 0 , < 20.1.10 (custom)
Create a notification for this product.
papercut papercut_mf Affected: 0 , < 23.0.7 (custom)
Affected: 0 , < 22.1.5 (custom)
Affected: 0 , < 21.2.14 (custom)
Affected: 0 , < 20.1.10 (custom)
    cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*
Create a notification for this product.
papercut papercut_ng Affected: 0 , < 23.0.7 (custom)
Affected: 0 , < 22.1.5 (custom)
Affected: 0 , < 21.2.14 (custom)
Affected: 0 , < 20.1.10 (custom)
    cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:33:25.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "papercut_mf",
            "vendor": "papercut",
            "versions": [
              {
                "lessThan": "23.0.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "22.1.5",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "21.2.14",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "20.1.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "papercut_ng",
            "vendor": "papercut",
            "versions": [
              {
                "lessThan": "23.0.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "22.1.5",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "21.2.14",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "20.1.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1222",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-26T04:00:45.176980Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T15:10:56.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "platforms": [
            "MacOS",
            "Linux",
            "Windows"
          ],
          "product": "PaperCut NG, PaperCut MF",
          "vendor": "PaperCut",
          "versions": [
            {
              "changes": [
                {
                  "at": "23.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "23.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "22.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "22.1.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "21.2.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "21.2.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "20.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "20.1.10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T03:50:54.624Z",
        "orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
        "shortName": "PaperCut"
      },
      "references": [
        {
          "url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect authorization controls in PaperCut NG/MF APIs",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
    "assignerShortName": "PaperCut",
    "cveId": "CVE-2024-1222",
    "datePublished": "2024-03-14T03:03:18.638Z",
    "dateReserved": "2024-02-05T04:34:00.207Z",
    "dateUpdated": "2024-09-26T03:50:54.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-0084 (GCVE-0-2024-0084)

Vulnerability from cvelistv5 – Published: 2024-06-13 21:23 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
nvidia vGPU software and Cloud Gaming Affected: All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release
Create a notification for this product.
nvidia virtual_gpu_graphics_driver Affected: 0 , < 13.11 (custom)
Affected: 0 , < 16.6 (custom)
Affected: 0 , < 17.2 (custom)
    cpe:2.3:a:nvidia:virtual_gpu_graphics_driver:13.10:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nvidia:virtual_gpu_graphics_driver:13.10:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "virtual_gpu_graphics_driver",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThan": "13.11",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "16.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0084",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-14T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-15T03:55:37.767Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "vGPU software and Cloud Gaming",
          "vendor": "nvidia",
          "versions": [
            {
              "status": "affected",
              "version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service."
            }
          ],
          "value": "NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure, data tampering, escalation of privileges, denial of service"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-13T21:23:31.105Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CVE"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2024-0084",
    "datePublished": "2024-06-13T21:23:31.105Z",
    "dateReserved": "2023-12-02T00:41:55.036Z",
    "dateUpdated": "2024-08-01T17:41:15.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-0073 (GCVE-0-2024-0073)

Vulnerability from cvelistv5 – Published: 2024-03-27 21:52 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
nvidia GPU Display driver, vGPU driver, Cloud Gaming driver Affected: All versions prior to and including 16.3, 13.9, and all versions prior to and including the January 2024 release
Create a notification for this product.
nvidia geforce Affected: 0 , < 551.61 (custom)
Affected: 0 , < 474.89 (custom)
    cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia studio Affected: 0 , < 551.61 (custom)
    cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia tesla Affected: 0 , < 551.61 (custom)
Affected: 0 , < 538.33 (custom)
Affected: 0 , < 474.82 (custom)
    cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia quadro Affected: 0 , < 551.61 (custom)
Affected: 0 , < 538.33 (custom)
Affected: 0 , < 474.82 (custom)
    cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "geforce",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThan": "551.61",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "474.89",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "studio",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThan": "551.61",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tesla",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThan": "551.61",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "538.33",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "474.82",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "quadro",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThan": "551.61",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "538.33",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "474.82",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0073",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T18:36:45.908363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T17:25:21.848Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GPU Display driver, vGPU driver, Cloud Gaming driver",
          "vendor": "nvidia",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to and including 16.3, 13.9, and all versions prior to and including the January 2024 release"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
            }
          ],
          "value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-27T21:52:25.390Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5520"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CVE"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2024-0073",
    "datePublished": "2024-03-27T21:52:25.390Z",
    "dateReserved": "2023-12-02T00:41:43.311Z",
    "dateUpdated": "2024-08-01T17:41:15.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45592 (GCVE-0-2023-45592)

Vulnerability from cvelistv5 – Published: 2024-03-05 11:22 – Updated: 2024-08-12 17:29
VLAI
Summary
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser (due to the binary being executed with the “--no-sandbox” option and with root privileges) exacerbates the impacts of successful attacks executed against the browser. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Impacted products
Vendor Product Version
AiLux imx6 bundle Affected: 0 , < 1.0.7-2 (semver)
Create a notification for this product.
ailux imx6_bundle Affected: 0 , < 1.0.7.2 (custom)
    cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Andrea Palanca of Nozomi Networks found this bug during a security research activity.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "imx6_bundle",
            "vendor": "ailux",
            "versions": [
              {
                "lessThan": "1.0.7.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-45592",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T16:39:47.803188Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T17:29:47.646Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:21:16.680Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45592"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "imx6 bundle",
          "vendor": "AiLux",
          "versions": [
            {
              "lessThan": "1.0.7-2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A CWE-250 \u201cExecution with Unnecessary Privileges\u201d vulnerability in the embedded Chromium browser (due to the binary being executed with the \u201c--no-sandbox\u201d option and with root privileges) exacerbates the impacts of successful attacks executed against the browser. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
            }
          ],
          "value": "A CWE-250 \u201cExecution with Unnecessary Privileges\u201d vulnerability in the embedded Chromium browser (due to the binary being executed with the \u201c--no-sandbox\u201d option and with root privileges) exacerbates the impacts of successful attacks executed against the browser. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-69",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-69 Target Programs with Elevated Privileges"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-05T11:22:14.789Z",
        "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "shortName": "Nozomi"
      },
      "references": [
        {
          "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45592"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
    "assignerShortName": "Nozomi",
    "cveId": "CVE-2023-45592",
    "datePublished": "2024-03-05T11:22:14.789Z",
    "dateReserved": "2023-10-09T08:26:54.316Z",
    "dateUpdated": "2024-08-12T17:29:47.646Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-43018 (GCVE-0-2023-43018)

Vulnerability from cvelistv5 – Published: 2023-11-02 23:48 – Updated: 2024-09-05 14:33
VLAI
Title
IBM CICS TX privilege escalation
Summary
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
ibm
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:37:23.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266163"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/7063668"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-43018",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-05T14:23:17.613633Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-05T14:33:34.695Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CICS TX Standard",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CICS TX Advanced",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.1, 11.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.  IBM X-Force ID:  266163."
            }
          ],
          "value": "IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.  IBM X-Force ID:  266163."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-02T23:48:46.991Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266163"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.ibm.com/support/pages/node/7063668"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM CICS TX privilege escalation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2023-43018",
    "datePublished": "2023-11-02T23:48:46.991Z",
    "dateReserved": "2023-09-15T01:11:41.606Z",
    "dateUpdated": "2024-09-05T14:33:34.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-39508 (GCVE-0-2023-39508)

Vulnerability from cvelistv5 – Published: 2023-08-05 06:47 – Updated: 2025-02-13 17:03
VLAI
Title
Apache Airflow: Airflow "Run task" feature allows execution with unnecessary priviledges
Summary
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the webserver context as well as allows to bypas limitation of access the user has to certain DAGs. The "Run Task" feature is considered dangerous and it has been removed entirely in Airflow 2.6.0 This issue affects Apache Airflow: before 2.6.0.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
  • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Airflow Affected: 0 , < 2.6.0 (semver)
Create a notification for this product.
apache airflow Affected: 0 , < 2.6.0 (custom)
    cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
balis0ng
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:10:21.246Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/apache/airflow/pull/29706"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/j2nkjd0zqvtqk85s6ywpx3c35pvzyx15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "airflow",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "2.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-39508",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T16:18:16.065665Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T16:21:24.955Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Airflow",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.6.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "balis0ng"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.\u003cp\u003eThe \"Run Task\" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the webserver context as well as allows to bypas limitation of access the user has to certain DAGs. The \"Run Task\" feature is considered dangerous and it has been removed entirely in Airflow 2.6.0\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Airflow: before 2.6.0.\u003c/p\u003e"
            }
          ],
          "value": "Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The \"Run Task\" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the webserver context as well as allows to bypas limitation of access the user has to certain DAGs. The \"Run Task\" feature is considered dangerous and it has been removed entirely in Airflow 2.6.0\n\nThis issue affects Apache Airflow: before 2.6.0."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-05T06:50:06.031Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/apache/airflow/pull/29706"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/j2nkjd0zqvtqk85s6ywpx3c35pvzyx15"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Airflow: Airflow \"Run task\" feature allows execution with unnecessary priviledges",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-39508",
    "datePublished": "2023-08-05T06:47:14.951Z",
    "dateReserved": "2023-08-03T08:34:33.364Z",
    "dateUpdated": "2025-02-13T17:03:08.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-38641 (GCVE-0-2023-38641)

Vulnerability from cvelistv5 – Published: 2023-08-08 09:20 – Updated: 2025-02-27 21:09
VLAI
Summary
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Impacted products
Vendor Product Version
Siemens SICAM TOOLBOX II Affected: All versions < V07.10
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-38641",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T21:54:06.339693Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T21:09:35.100Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SICAM TOOLBOX II",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V07.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions \u003c V07.10). The affected application\u0027s database service is executed as `NT AUTHORITY\\SYSTEM`.\r\nThis could allow a local attacker to execute operating system commands with elevated privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:43.085Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-38641",
    "datePublished": "2023-08-08T09:20:43.085Z",
    "dateReserved": "2023-07-21T11:53:33.660Z",
    "dateUpdated": "2025-02-27T21:09:35.100Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-37412 (GCVE-0-2023-37412)

Vulnerability from cvelistv5 – Published: 2025-01-29 16:34 – Updated: 2025-02-12 16:48
VLAI
Title
IBM Aspera Faspex improper access control
Summary
IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
ibm
References
Impacted products
Vendor Product Version
IBM Aspera Faspex Affected: 5.0.0 , ≤ 5.0.10 (semver)
    cpe:2.3:a:ibm:aspera_faspex:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:aspera_faspex:5.0.10:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-37412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T16:54:27.016356Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T16:48:00.305Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:aspera_faspex:5.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:aspera_faspex:5.0.10:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Aspera Faspex",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "5.0.10",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls."
            }
          ],
          "value": "IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-29T16:34:55.809Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "url": "https://www.ibm.com/support/pages/node/7181814"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM Aspera Faspex improper access control",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2023-37412",
    "datePublished": "2025-01-29T16:34:55.809Z",
    "dateReserved": "2023-07-05T15:59:16.997Z",
    "dateUpdated": "2025-02-12T16:48:00.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-18
Architecture and Design

Strategy: Separation of Privilege

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation MIT-18
Architecture and Design

Strategy: Attack Surface Reduction

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation
Implementation

Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.

Mitigation MIT-19
Implementation

When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.

Mitigation
Implementation

If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.

Mitigation MIT-37
Operation System Configuration

Strategy: Environment Hardening

Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.

CAPEC-104: Cross Zone Scripting

An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.

CAPEC-470: Expanding Control over the Operating System from the Database

An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.

CAPEC-69: Target Programs with Elevated Privileges

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.