fkie_nvd - fkie_cve-2024-45769

fkie_cve-2024-45769

Vulnerability from fkie_nvd

Published

2024-09-19 09:15

Modified

2024-11-12 18:15

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6837
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6840
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6842
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6843
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6844
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6846
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6847
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6848
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:9452
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-45769
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2310452

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in Performance Co-Pilot (PCP).\u00a0 This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad en Performance Co-Pilot (PCP). Esta falla permite que un atacante env\u00ede datos especialmente manipulados al sistema, lo que podr\u00eda provocar que el programa funcione mal o se bloquee."
    }
  ],
  "id": "CVE-2024-45769",
  "lastModified": "2024-11-12T18:15:35.427",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-19T09:15:02.343",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6837"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6840"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6842"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6843"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6844"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6846"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6847"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:6848"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:9452"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-45769"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310452"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

CVE-2024-45769 (GCVE-0-2024-45769)

Vulnerability from cvelistv5

Published

2024-09-19 08:45

Modified

2025-07-24 13:19

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-787 - Out-of-bounds Write

Summary

A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:6837	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6840	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6842	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6843	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6844	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6846	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6847	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6848	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9452	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-45769	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2310452	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:5.3.7-22.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:5.0.2-9.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:5.2.5-8.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:5.2.5-8.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 0:5.2.5-8.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:5.3.5-10.el8_6 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:5.3.5-10.el8_6 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:5.3.5-10.el8_6 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:5.3.7-19.el8_8 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:6.2.0-5.el9_4 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:6.2.2-7.el9_5 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:5.3.5-10.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:6.0.1-8.el9_2 < * cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Show details on NVD website