gsd-2024-29964
Vulnerability from gsd
Modified
2024-04-03 05:02
Details
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ova appliance. A Docker instance could access any other instances, and a few could access sensitive files. The vulnerability could allow a sudo privileged user on the underlying OS to access and modify these files.
Aliases
{ gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2024-29964", ], details: "Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ova appliance. A Docker instance could access any other instances, and a few could access sensitive files. The vulnerability could allow a sudo privileged user on the underlying OS to access and modify these files.\n", id: "GSD-2024-29964", modified: "2024-04-03T05:02:30.517559Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "sirt@brocade.com", ID: "CVE-2024-29964", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Brocade SANnav", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { status: "affected", version: "before v2.3.0a", }, ], }, }, ], }, }, ], }, vendor_name: "Brocade", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: " Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.\n", }, ], }, generator: { engine: "Vulnogram 0.1.0-dev", }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-200", lang: "eng", value: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://support.broadcom.com/external/content/SecurityAdvisories/0/23249", refsource: "MISC", url: "https://support.broadcom.com/external/content/SecurityAdvisories/0/23249", }, ], }, source: { discovery: "UNKNOWN", }, }, "nvd.nist.gov": { cve: { descriptions: [ { lang: "en", value: " Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.\n", }, { lang: "es", value: "Las instancias de Docker en Brocade SANnav anteriores a v2.3.1 y v2.3.0a tienen una arquitectura y configuración inseguras que generan múltiples vulnerabilidades. Los demonios de Docker están expuestos a la interfaz WAN y otras vulnerabilidades permiten un control total sobre el dispositivo Ova. Una instancia de Docker podría acceder a cualquier otra instancia y algunas podrían acceder a archivos confidenciales. La vulnerabilidad podría permitir que un usuario con privilegios sudo en el sistema operativo subyacente acceda y modifique estos archivos.", }, ], id: "CVE-2024-29964", lastModified: "2024-04-26T00:15:08.383", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "sirt@brocade.com", type: "Secondary", }, ], }, published: "2024-04-19T05:15:49.217", references: [ { source: "sirt@brocade.com", url: "https://support.broadcom.com/external/content/SecurityAdvisories/0/23249", }, ], sourceIdentifier: "sirt@brocade.com", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "sirt@brocade.com", type: "Secondary", }, ], }, }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.