CVE-2024-3232 (GCVE-0-2024-3232)
Vulnerability from cvelistv5
Published
2024-07-16 17:02
Modified
2024-08-01 20:05
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Summary
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232
References
Impacted products
Vendor Product Version
Tenable Tenable Identity Exposure Version: Tenable Identity Exposure 3.42
Version: Tenable Identity Exposure 3.29
Version: Tenable Identity Exposure 3.19
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:tenable:identity_exposure:3.19:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "identity_exposure",
            "vendor": "tenable",
            "versions": [
              {
                "status": "affected",
                "version": "3.19"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:tenable:identity_exposure:3.29:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "identity_exposure",
            "vendor": "tenable",
            "versions": [
              {
                "status": "affected",
                "version": "3.29"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:tenable:identity_exposure:3.42:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "identity_exposure",
            "vendor": "tenable",
            "versions": [
              {
                "status": "affected",
                "version": "3.42"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3232",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T19:12:59.960894Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T13:59:11.375Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:05:08.350Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2024-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "platforms": [
            "Windows"
          ],
          "product": "Tenable Identity Exposure",
          "vendor": "Tenable",
          "versions": [
            {
              "status": "affected",
              "version": "Tenable Identity Exposure 3.42"
            },
            {
              "status": "affected",
              "version": "Tenable Identity Exposure 3.29"
            },
            {
              "status": "affected",
              "version": "Tenable Identity Exposure 3.19"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ammarit Thongthua and Sarun Pornjarungsak from Secure D Research team"
        }
      ],
      "datePublic": "2024-02-21T19:50:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nA formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232\n\n"
            }
          ],
          "value": "A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-16T17:02:19.000Z",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "url": "https://www.tenable.com/security/tns-2024-04"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nTenable has released Tenable Identity Exposure Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/identity-exposure\"\u003ehttps://www.tenable.com/downloads/identity-exposure\u003c/a\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Tenable has released Tenable Identity Exposure Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal:  https://www.tenable.com/downloads/identity-exposure"
        }
      ],
      "source": {
        "advisory": "tns-2024-04",
        "discovery": "EXTERNAL"
      },
      "title": "Formula Injection Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2024-3232",
    "datePublished": "2024-07-16T17:02:19.000Z",
    "dateReserved": "2024-04-02T19:00:49.569Z",
    "dateUpdated": "2024-08-01T20:05:08.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-3232\",\"sourceIdentifier\":\"vulnreport@tenable.com\",\"published\":\"2024-07-16T17:15:11.267\",\"lastModified\":\"2024-11-21T09:29:12.230\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de inyecci\u00f3n de f\u00f3rmula en Tenable Identity Exposure donde un atacante remoto autenticado con privilegios administrativos podr\u00eda manipular los campos del formulario de solicitud para enga\u00f1ar a otro administrador para que ejecute payloads CSV. - CVE-2024-3232\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"vulnreport@tenable.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":7.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"vulnreport@tenable.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1236\"}]}],\"references\":[{\"url\":\"https://www.tenable.com/security/tns-2024-04\",\"source\":\"vulnreport@tenable.com\"},{\"url\":\"https://www.tenable.com/security/tns-2024-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.tenable.com/security/tns-2024-04\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:05:08.350Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-3232\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-16T19:12:59.960894Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:tenable:identity_exposure:3.19:*:*:*:*:*:*:*\"], \"vendor\": \"tenable\", \"product\": \"identity_exposure\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.19\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:tenable:identity_exposure:3.29:*:*:*:*:*:*:*\"], \"vendor\": \"tenable\", \"product\": \"identity_exposure\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.29\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:tenable:identity_exposure:3.42:*:*:*:*:*:*:*\"], \"vendor\": \"tenable\", \"product\": \"identity_exposure\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.42\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T20:12:05.415Z\"}}], \"cna\": {\"title\": \"Formula Injection Vulnerability\", \"source\": {\"advisory\": \"tns-2024-04\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Ammarit Thongthua and Sarun Pornjarungsak from Secure D Research team\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Tenable\", \"product\": \"Tenable Identity Exposure\", \"versions\": [{\"status\": \"affected\", \"version\": \"Tenable Identity Exposure 3.42\"}, {\"status\": \"affected\", \"version\": \"Tenable Identity Exposure 3.29\"}, {\"status\": \"affected\", \"version\": \"Tenable Identity Exposure 3.19\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"affected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Tenable has released Tenable Identity Exposure Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal:  https://www.tenable.com/downloads/identity-exposure\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nTenable has released Tenable Identity Exposure Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.tenable.com/downloads/identity-exposure\\\"\u003ehttps://www.tenable.com/downloads/identity-exposure\u003c/a\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-02-21T19:50:00.000Z\", \"references\": [{\"url\": \"https://www.tenable.com/security/tns-2024-04\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nA formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1236\", \"description\": \"CWE-1236 Improper Neutralization of Formula Elements in a CSV File\"}]}], \"providerMetadata\": {\"orgId\": \"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be\", \"shortName\": \"tenable\", \"dateUpdated\": \"2024-07-16T17:02:19.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-3232\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T20:05:08.350Z\", \"dateReserved\": \"2024-04-02T19:00:49.569Z\", \"assignerOrgId\": \"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be\", \"datePublished\": \"2024-07-16T17:02:19.000Z\", \"assignerShortName\": \"tenable\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.