CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
CVE-2009-10005 (GCVE-0-2009-10005)
Vulnerability from cvelistv5
Published
2025-08-20 15:31
Modified
2025-08-20 19:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ContentKeeper Technologies | Web Appliance |
Version: * ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2009-10005",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T19:21:48.507028Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T19:22:01.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"mimencode CGI binary"
],
"product": "Web Appliance",
"vendor": "ContentKeeper Technologies",
"versions": [
{
"lessThan": "125.10",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Patrick Webster (aushack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot."
}
],
"value": "ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot."
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T15:31:57.963Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb"
},
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/16923"
},
{
"tags": [
"technical-description"
],
"url": "http://www.aushack.com/200904-contentkeeper.txt"
},
{
"tags": [
"product"
],
"url": "https://web.archive.org/web/20100325220542/http://www.contentkeeper.com/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/contentkeeper-web-appliance-arbitrary-file-access-via-mimencode"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ContentKeeper Web Appliance \u003c 125.10 Arbitrary File Access via mimencode",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2009-10005",
"datePublished": "2025-08-20T15:31:57.963Z",
"dateReserved": "2025-08-18T20:45:05.163Z",
"dateUpdated": "2025-08-20T19:22:01.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17519 (GCVE-0-2020-17519)
Vulnerability from cvelistv5
Published
2021-01-05 11:40
Modified
2025-10-21 23:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Flink |
Version: Apache Flink 1.11.0 to 1.11.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:flink:1.11.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flink",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "1.11.2",
"status": "affected",
"version": "1.11.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-17519",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-24T13:06:18.393321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-05-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-17519"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:30.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-17519"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-23T00:00:00+00:00",
"value": "CVE-2020-17519 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:00:48.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-user] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cuser.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cannounce.apache.org%3E"
},
{
"name": "[oss-security] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/05/2"
},
{
"name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-Read-Directory-Traversal.html"
},
{
"name": "[flink-issues] 20210110 [jira] [Updated] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2fc60b30557e4a537c2a6293023049bd1c49fd92b518309aa85a0398%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4e1b72bfa789ea5bc20b8afe56119200ed25bdab0eb80d664fa5bfe2%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0a433be10676f4fe97ca423d08f914e0ead341c901216f292d2bbe83%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Assigned] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r88b55f3ebf1f8f4e1cc61f030252aaef4b77060b56557a243abb92a1%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Commented] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r88f427865fb6aa6e6378efe07632a1906b430365e15e3b9621aabe1d%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210113 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra8c96bf3ccb4e491f9ce87ba35f134b4449beb2a38d1ce28fd89001f%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210115 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r229167538863518738e02f4c1c5a8bb34c1d45dadcc97adf6676b0c1%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Flink",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Flink 1.11.0 to 1.11.2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "0rich1 of Ant Security FG Lab"
}
],
"descriptions": [
{
"lang": "en",
"value": "A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:41:23.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-user] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cuser.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cannounce.apache.org%3E"
},
{
"name": "[oss-security] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/05/2"
},
{
"name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034%40%3Cissues.flink.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-Read-Directory-Traversal.html"
},
{
"name": "[flink-issues] 20210110 [jira] [Updated] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2fc60b30557e4a537c2a6293023049bd1c49fd92b518309aa85a0398%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4e1b72bfa789ea5bc20b8afe56119200ed25bdab0eb80d664fa5bfe2%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0a433be10676f4fe97ca423d08f914e0ead341c901216f292d2bbe83%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Assigned] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r88b55f3ebf1f8f4e1cc61f030252aaef4b77060b56557a243abb92a1%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Commented] (FLINK-20916) Typo in test for CVE-2020-17519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r88f427865fb6aa6e6378efe07632a1906b430365e15e3b9621aabe1d%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210113 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra8c96bf3ccb4e491f9ce87ba35f134b4449beb2a38d1ce28fd89001f%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210115 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r229167538863518738e02f4c1c5a8bb34c1d45dadcc97adf6676b0c1%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d%40%3Cuser-zh.flink.apache.org%3E"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Flink directory traversal attack: reading remote files through the REST API",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-17519",
"STATE": "PUBLIC",
"TITLE": "Apache Flink directory traversal attack: reading remote files through the REST API"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Flink",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "Apache Flink",
"version_value": "1.11.0 to 1.11.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "0rich1 of Ant Security FG Lab"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552 Files or Directories Accessible to External Parties"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-user] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cuser.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cannounce.apache.org%3E"
},
{
"name": "[oss-security] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/01/05/2"
},
{
"name": "[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r28f17e564950d663e68cc6fe75756012dda62ac623766bb9bc5e7034@%3Cissues.flink.apache.org%3E"
},
{
"name": "http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-Read-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/160849/Apache-Flink-1.11.0-Arbitrary-File-Read-Directory-Traversal.html"
},
{
"name": "[flink-issues] 20210110 [jira] [Updated] (FLINK-20916) Typo in test for CVE-2020-17519",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2fc60b30557e4a537c2a6293023049bd1c49fd92b518309aa85a0398@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4e1b72bfa789ea5bc20b8afe56119200ed25bdab0eb80d664fa5bfe2@%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0a433be10676f4fe97ca423d08f914e0ead341c901216f292d2bbe83@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Assigned] (FLINK-20916) Typo in test for CVE-2020-17519",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r88b55f3ebf1f8f4e1cc61f030252aaef4b77060b56557a243abb92a1@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210111 [jira] [Commented] (FLINK-20916) Typo in test for CVE-2020-17519",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r88f427865fb6aa6e6378efe07632a1906b430365e15e3b9621aabe1d@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210113 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra8c96bf3ccb4e491f9ce87ba35f134b4449beb2a38d1ce28fd89001f@%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-dev] 20210115 Re: [DISCUSS] Releasing Apache Flink 1.10.3",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r229167538863518738e02f4c1c5a8bb34c1d45dadcc97adf6676b0c1@%3Cdev.flink.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r26fcdd4fe288323006253437ebc4dd6fdfadfb5e93465a0e4f68420d@%3Cuser-zh.flink.apache.org%3E"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-17519",
"datePublished": "2021-01-05T11:40:14.000Z",
"dateReserved": "2020-08-12T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:30.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4463 (GCVE-0-2021-4463)
Vulnerability from cvelistv5
Published
2025-11-12 22:07
Modified
2025-11-13 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Shenzhen Longjing Technology Co. Ltd. | BEMS API |
Version: 0 ≤ 1.21 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4463",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T17:05:01.698452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T17:05:15.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BEMS API",
"vendor": "Shenzhen Longjing Technology Co. Ltd.",
"versions": [
{
"lessThanOrEqual": "1.21",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gjoko Krstic of Zero Science Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the \u0027downloads\u0027 endpoint. The \u0027fileName\u0027 parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory."
}
],
"value": "Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the \u0027downloads\u0027 endpoint. The \u0027fileName\u0027 parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T22:07:30.512Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php"
},
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/50163"
},
{
"tags": [
"exploit"
],
"url": "https://packetstormsecurity.com/files/163702"
},
{
"tags": [
"exploit"
],
"url": "https://cxsecurity.com/issue/WLB-2021070173"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206477"
},
{
"tags": [
"product"
],
"url": "https://web.archive.org/web/20220527162453/http://www.ljkj2012.com/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/longjing-technology-bems-api-remote-arbitrary-file-download"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-07-27T16:00:00.000Z",
"value": "ZSL-2021-5657 is publicly disclosed."
}
],
"title": "Longjing Technology BEMS API \u003c= 1.21 Remote Arbitrary File Download",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-4463",
"datePublished": "2025-11-12T22:07:30.512Z",
"dateReserved": "2025-11-12T20:55:39.039Z",
"dateUpdated": "2025-11-13T17:05:15.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-34464 (GCVE-0-2022-34464)
Vulnerability from cvelistv5
Published
2022-07-12 10:07
Modified
2025-11-12 07:21
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SICAM GridEdge (Classic) |
Version: 0 < V2.7.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:15:15.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SICAM GridEdge (Classic)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM GridEdge (Classic) (All versions \u003c V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T07:21:34.158Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-225578.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-34464",
"datePublished": "2022-07-12T10:07:19",
"dateReserved": "2022-06-24T00:00:00",
"dateUpdated": "2025-11-12T07:21:34.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-29450 (GCVE-0-2023-29450)
Vulnerability from cvelistv5
Published
2023-07-13 08:25
Modified
2025-11-03 21:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:47.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-22588"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T14:20:54.709979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T14:21:04.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Server",
"Proxy"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "5.0.32rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.31",
"status": "affected",
"version": "5.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.14rc1 (6.0.16 is recommended)",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.13",
"status": "affected",
"version": "6.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.2.8rc1",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.2.7",
"status": "affected",
"version": "6.2",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.0rc2",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.0rc1",
"status": "affected",
"version": "6.4",
"versionType": "git"
}
]
}
],
"datePublic": "2023-02-23T08:03:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."
}
],
"value": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data."
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-22T15:06:27.489Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22588"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized limited filesystem access from preprocessing",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-29450",
"datePublished": "2023-07-13T08:25:27.911Z",
"dateReserved": "2023-04-06T18:04:44.891Z",
"dateUpdated": "2025-11-03T21:47:47.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3712 (GCVE-0-2023-3712)
Vulnerability from cvelistv5
Published
2023-09-12 19:59
Modified
2025-09-12 19:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.Â
Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.honeywell.com/us/en/product-security"
},
{
"tags": [
"x_transferred"
],
"url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
},
{
"tags": [
"x_transferred"
],
"url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:54:07.219279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:19:21.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Printer web page"
],
"platforms": [
"32 bit"
],
"product": "PM23/43",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "P10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PC23/43, PD43",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "K10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PM42",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "T10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PM42",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "L10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PX4ie/6ie",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "A10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PX45/65",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "B10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PD45, PX240",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "F10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PX940",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "H10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "PM45",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "J10.19.050004",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"32 bit"
],
"product": "RP2f/RP4f",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "M10.19.050006",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jinqi Lai (Independent Security Researcher)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
}
],
"value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.\u00a0\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T19:33:38.362Z",
"orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"shortName": "Honeywell"
},
"references": [
{
"url": "https://www.honeywell.com/us/en/product-security"
},
{
"url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
},
{
"url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Potential user privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"assignerShortName": "Honeywell",
"cveId": "CVE-2023-3712",
"datePublished": "2023-09-12T19:59:00.396Z",
"dateReserved": "2023-07-17T13:59:27.158Z",
"dateUpdated": "2025-09-12T19:33:38.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0949 (GCVE-0-2024-0949)
Vulnerability from cvelistv5
Published
2024-06-27 09:36
Modified
2025-10-14 12:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.This issue affects Elektraweb: before v17.0.68.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Talya Informatics | Elektraweb |
Version: 0 < v17.0.68 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:talya_informatics:elektraweb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "elektraweb",
"vendor": "talya_informatics",
"versions": [
{
"lessThan": "v17.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0949",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T13:32:07.238546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T13:37:21.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:28.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elektraweb",
"vendor": "Talya Informatics",
"versions": [
{
"lessThan": "v17.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yusuf Kamil \u00c7AVU\u015eO\u011eLU"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.\u003cp\u003eThis issue affects Elektraweb: before v17.0.68.\u003c/p\u003e"
}
],
"value": "Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.This issue affects Elektraweb: before v17.0.68."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T12:33:41.539Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"
}
],
"source": {
"advisory": "TR-24-0808",
"defect": [
"TR-24-0808"
],
"discovery": "UNKNOWN"
},
"title": "Improper Access Control in Talya Informatics\u0027 Elektraweb",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-0949",
"datePublished": "2024-06-27T09:36:59.897Z",
"dateReserved": "2024-01-26T13:00:20.711Z",
"dateUpdated": "2025-10-14T12:33:41.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38876 (GCVE-0-2024-38876)
Vulnerability from cvelistv5
Published
2024-08-02 10:36
Modified
2025-11-03 21:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Omnivise T3000 Application Server R9.2 |
Version: 0 < * |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_application_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_application_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_domain_controller_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_domain_controller_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_product_data_management_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_product_data_management_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_r8.2_sp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_r8.2_sp3",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_r82_sp4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_r82_sp4",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_terminal_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_terminal_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_thin_client_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_thin_client_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:omnivise_t3000_whitelisting_server_r9.2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "omnivise_t3000_whitelisting_server_r9.2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:21:31.609941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:14:54.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:55:53.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Nov/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Application Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Domain Controller R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Product Data Management (PDM) R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 R8.2 SP3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 R8.2 SP4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Terminal Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Thin Client R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Omnivise T3000 Whitelisting Server R9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:12.401Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-38876",
"datePublished": "2024-08-02T10:36:16.928Z",
"dateReserved": "2024-06-21T08:28:10.677Z",
"dateUpdated": "2025-11-03T21:55:53.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53649 (GCVE-0-2024-53649)
Vulnerability from cvelistv5
Published
2025-01-14 10:30
Modified
2025-11-11 20:20
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V9.68), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SA82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SA82 (CP150) (All versions < V9.80), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SD82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SD82 (CP150) (All versions < V9.80), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SJ81 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.80), SIPROTEC 5 7SJ82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.80), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SK82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SK82 (CP150) (All versions < V9.80), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SL82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7SL82 (CP150) (All versions < V9.80), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7ST85 (CP300) (All versions < V9.68), SIPROTEC 5 7ST86 (CP300) (All versions < V9.80), SIPROTEC 5 7SX82 (CP150) (All versions < V9.80), SIPROTEC 5 7SX85 (CP300) (All versions < V9.80), SIPROTEC 5 7SY82 (CP150) (All versions < V9.80), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT82 (CP100) (All versions >= V7.80 < V8.90), SIPROTEC 5 7UT82 (CP150) (All versions < V9.80), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 7VU85 (CP300) (All versions < V9.80), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.80). Affected devices do not properly limit the path accessible via their webserver. This could allow an authenticated remote attacker to read arbitrary files from the filesystem of affected devices.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIPROTEC 5 6MD84 (CP300) |
Version: 0 < V9.80 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T14:31:48.612161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:33:11.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD84 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD89 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.68",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7KE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SS85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SY82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UM85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VK87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Compact 7SX800 (CP050)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions \u003c V9.80), SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80 \u003c V9.68), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SA82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SD82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SJ81 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SJ82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SK82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SL82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7ST85 (CP300) (All versions \u003c V9.68), SIPROTEC 5 7ST86 (CP300) (All versions \u003c V9.80), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7SX85 (CP300) (All versions \u003c V9.80), SIPROTEC 5 7SY82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT82 (CP100) (All versions \u003e= V7.80 \u003c V8.90), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V9.80), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V9.80), SIPROTEC 5 7VU85 (CP300) (All versions \u003c V9.80), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V9.80). Affected devices do not properly limit the path accessible via their webserver. This could allow an authenticated remote attacker to read arbitrary files from the filesystem of affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552: Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T20:20:24.620Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-194557.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-53649",
"datePublished": "2025-01-14T10:30:13.430Z",
"dateReserved": "2024-11-21T13:26:39.693Z",
"dateUpdated": "2025-11-11T20:20:24.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-54099 (GCVE-0-2024-54099)
Vulnerability from cvelistv5
Published
2024-12-12 11:23
Modified
2025-09-18 06:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
File replacement vulnerability on some devices
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-54099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T15:24:24.877082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T15:24:42.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.2.0"
},
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "14.0.0"
},
{
"status": "affected",
"version": "13.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "File replacement vulnerability on some devices\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality."
}
],
"value": "File replacement vulnerability on some devices\nImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T06:37:14.074Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/12/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2024-54099",
"datePublished": "2024-12-12T11:23:40.542Z",
"dateReserved": "2024-11-29T02:34:46.789Z",
"dateUpdated": "2025-09-18T06:37:14.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phases: Implementation, System Configuration, Operation
Description:
- When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.