CWE-1327
Binding to an Unrestricted IP Address
The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.
CVE-2022-29820 (GCVE-0-2022-29820)
Vulnerability from cvelistv5
- CWE-1327 - Binding to an Unrestricted IP Address
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:33:42.663Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.jetbrains.com/privacy-security/issues-fixed/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PyCharm", "vendor": "JetBrains", "versions": [ { "lessThan": "2022.1", "status": "affected", "version": "2022.1", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327: Binding to an Unrestricted IP Address", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-28T09:55:30", "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014", "shortName": "JetBrains" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.jetbrains.com/privacy-security/issues-fixed/" } ], "source": { "defect": [ "PY-52288" ], "discovery": "INTERNAL" }, "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@jetbrains.com", "ID": "CVE-2022-29820", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PyCharm", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "2022.1", "version_value": "2022.1" } ] } } ] }, "vendor_name": "JetBrains" } ] } }, 
"data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-1327: Binding to an Unrestricted IP Address" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.jetbrains.com/privacy-security/issues-fixed/", "refsource": "MISC", "url": "https://www.jetbrains.com/privacy-security/issues-fixed/" } ] }, "source": { "defect": [ "PY-52288" ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014", "assignerShortName": "JetBrains", "cveId": "CVE-2022-29820", "datePublished": "2022-04-28T09:55:30", "dateReserved": "2022-04-27T00:00:00", "dateUpdated": "2024-08-03T06:33:42.663Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-1968 (GCVE-0-2023-1968)
Vulnerability from cvelistv5
- CWE-1327 - Binding to an Unrestricted IP Address
Vendor | Product | Version
---|---|---
Illumina | iScan Control Software | 4.0.0, 4.0.5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:05:27.076Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-1968", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-16T20:58:25.534437Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-16T21:35:22.697Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "iScan Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "4.0.0" }, { "status": "affected", "version": "4.0.5" } ] }, { "defaultStatus": "unaffected", "product": "MiniSeq Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "2.0 " } ] }, { "defaultStatus": "unaffected", "product": "iSeq 100", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "MiSeq Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "4.0 (RUO Mode)" } ] }, { "defaultStatus": "unaffected", "product": "MiSeqDx Operating Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "4.0.1 " } ] }, { "defaultStatus": "unaffected", "product": "NextSeq 500/550 Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "4.0" } ] }, { "defaultStatus": "unaffected", 
"product": "NextSeq 550Dx Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "4.0 (RUO Mode)" } ] }, { "defaultStatus": "unaffected", "product": "NextSeq 550Dx Operating Software", "vendor": "Illumina ", "versions": [ { "lessThanOrEqual": "1.3.1", "status": "affected", "version": "1.0.0 ", "versionType": "custom" }, { "status": "affected", "version": "1.3.3 " } ] }, { "defaultStatus": "unaffected", "product": "NextSeq 1000/2000 Control Software", "vendor": "Illumina ", "versions": [ { "lessThanOrEqual": "1.4.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "NovaSeq 6000 Control Software", "vendor": "Illumina ", "versions": [ { "lessThanOrEqual": "1.7 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "NovaSeq Control Software", "vendor": "Illumina ", "versions": [ { "status": "affected", "version": "1.8" } ] } ], "credits": [ { "lang": "en", "user": "00000000-0000-4000-9000-000000000000", "value": "Illumina reported these vulnerabilities to CISA. " } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInstruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications. \u003c/span\u003e\n\n\n\n\n\n\n\n" } ], "value": "\nInstruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications. 
\n\n\n\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327 Binding to an Unrestricted IP Address", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-28T18:09:17.372Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01" }, { "tags": [ "vendor-advisory" ], "url": "https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html" } ], "source": { "discovery": "INTERNAL" }, "title": "CVE-2023-1968", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIllumina recommends using the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html\"\u003eUCS Vulnerability Instructions Guide\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;based on the user\u2019s specific system configuration to mitigate the vulnerabilities. Illumina recommends users read the instructions before downloading any software. 
\u003c/span\u003e\n\n\u003cbr\u003e" } ], "value": "\nIllumina recommends using the UCS Vulnerability Instructions Guide https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html \u00a0based on the user\u2019s specific system configuration to mitigate the vulnerabilities. Illumina recommends users read the instructions before downloading any software. \n\n\n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2023-1968", "datePublished": "2023-04-28T18:09:17.372Z", "dateReserved": "2023-04-10T14:51:29.181Z", "dateUpdated": "2025-01-16T21:35:22.697Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-41742 (GCVE-0-2023-41742)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Acronis | Acronis Agent | unspecified ≤
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:09:47.922Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SEC-4351", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security-advisory.acronis.com/advisories/SEC-4351" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-41742", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-27T13:05:43.523177Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-27T14:17:36.928Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux", "macOS", "Windows" ], "product": "Acronis Agent", "vendor": "Acronis", "versions": [ { "lessThan": "30430", "status": "affected", "version": "unspecified", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Linux", "macOS", "Windows" ], "product": "Acronis Cyber Protect 15", "vendor": "Acronis", "versions": [ { "lessThan": "35979", "status": "affected", "version": "unspecified", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-31T14:27:28.948Z", "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis" }, "references": [ { "name": "SEC-4351", "tags": [ "vendor-advisory" ], "url": "https://security-advisory.acronis.com/advisories/SEC-4351" } ] } }, "cveMetadata": { "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "assignerShortName": "Acronis", "cveId": "CVE-2023-41742", "datePublished": "2023-08-31T14:27:28.948Z", "dateReserved": "2023-08-31T14:10:27.637Z", "dateUpdated": "2024-09-27T14:17:36.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-5398 (GCVE-0-2023-5398)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Honeywell | Experion Server | 520.2 ≤ 520.2 TCU4; 510.1 ≤ 510.2 HF13; 520.1 ≤ 520.1 TCU4; 511.1 ≤ 511.5 TCU4 HF3
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:honeywell:experion_server:520.2:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "experion_server", "vendor": "honeywell", "versions": [ { "lessThanOrEqual": "520.2_tcu4", "status": "affected", "version": "520.2", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:honeywell:experion_server:510.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "experion_server", "vendor": "honeywell", "versions": [ { "lessThanOrEqual": "510.2_hf13", "status": "affected", "version": "510.1", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:honeywell:experion_server:520.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "experion_server", "vendor": "honeywell", "versions": [ { "lessThanOrEqual": "520.1_tcu4", "status": "affected", "version": "520.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:honeywell:experion_server:511.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "experion_server", "vendor": "honeywell", "versions": [ { "lessThanOrEqual": "511.5_tcu4_hf3", "status": "affected", "version": "511.1", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-5398", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-19T13:03:36.390624Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T19:39:56.991Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:44.650Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://process.honeywell.com" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Experion PKS" ], "product": "Experion Server", 
"vendor": "Honeywell", "versions": [ { "lessThanOrEqual": "520.2 TCU4", "status": "affected", "version": "520.2", "versionType": "semver" }, { "lessThanOrEqual": "510.2 HF13", "status": "affected", "version": "510.1", "versionType": "semver" }, { "lessThanOrEqual": "520.1 TCU4", "status": "affected", "version": "520.1", "versionType": "semver" }, { "lessThanOrEqual": "511.5 TCU4 HF3", "status": "affected", "version": "511.1", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Experion LX" ], "product": "Experion Server", "vendor": "Honeywell", "versions": [ { "lessThanOrEqual": "520.2 TCU4", "status": "affected", "version": "520.2", "versionType": "semver" }, { "lessThanOrEqual": "511.5 TCU4 HF3", "status": "affected", "version": "511.1", "versionType": "semver" }, { "lessThanOrEqual": "520.1 TCU4", "status": "affected", "version": "520.1", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "PlantCruise by Experion" ], "product": "Experion Server", "vendor": "Honeywell", "versions": [ { "lessThanOrEqual": "520.2 TCU4", "status": "affected", "version": "520.2", "versionType": "semver" }, { "lessThanOrEqual": "520.1 TCU4", "status": "affected", "version": "520.1", "versionType": "semver" }, { "lessThanOrEqual": "511.5 TCU4 HF3", "status": "affected", "version": "520.2 TCU4 HFR2", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a denial of service.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSee Honeywell Security Notification for recommendations on upgrading and versioning.\u003c/span\u003e\n\n" } ], "value": "Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a denial of service.\u00a0See Honeywell Security Notification for recommendations on upgrading 
and versioning.\n\n" } ], "impacts": [ { "capecId": "CAPEC-1", "descriptions": [ { "lang": "en", "value": "CAPEC-1" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-25T16:58:13.998Z", "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d", "shortName": "Honeywell" }, "references": [ { "url": "https://process.honeywell.com" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d", "assignerShortName": "Honeywell", "cveId": "CVE-2023-5398", "datePublished": "2024-04-17T16:40:10.248Z", "dateReserved": "2023-10-04T17:50:51.025Z", "dateUpdated": "2024-08-02T07:59:44.650Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-36105 (GCVE-0-2024-36105)
Vulnerability from cvelistv5
- CWE-1327 - Binding to an Unrestricted IP Address
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T03:30:12.980Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349" }, { "name": "https://github.com/dbt-labs/dbt-core/issues/10209", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/issues/10209" }, { "name": "https://github.com/dbt-labs/dbt-core/pull/10208", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/pull/10208" }, { "name": "https://github.com/dbt-labs/dbt-core/commit/0c08d7a19ad1740be3cb0b2e6d9d64f6537176f7", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/commit/0c08d7a19ad1740be3cb0b2e6d9d64f6537176f7" }, { "name": "https://cwe.mitre.org/data/definitions/1327.html", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cwe.mitre.org/data/definitions/1327.html" }, { "name": "https://docs.python.org/3/library/socket.html#socket-families", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.python.org/3/library/socket.html#socket-families" }, { "name": "https://docs.securesauce.dev/rules/PY030", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.securesauce.dev/rules/PY030" }, { "name": "https://github.com/dbt-labs/dbt-core/blob/main/core/dbt/task/docs/serve.py#L23C38-L23C39", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/blob/main/core/dbt/task/docs/serve.py#L23C38-L23C39" }, { "name": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.6.15", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.6.15" }, { "name": 
"https://github.com/dbt-labs/dbt-core/releases/tag/v1.7.15", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.7.15" }, { "name": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.8.1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.8.1" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dbt-labs:dbt-core:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dbt-core", "vendor": "dbt-labs", "versions": [ { "lessThan": "1.6.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "1.7.15", "status": "affected", "version": "1.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:dbt-labs:dbt-core:1.8.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dbt-core", "vendor": "dbt-labs", "versions": [ { "status": "affected", "version": "1.8.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-36105", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-21T13:52:53.518603Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T14:20:58.463Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dbt-core", "vendor": "dbt-labs", "versions": [ { "status": "affected", "version": "\u003c 1.6.15" }, { "status": "affected", "version": "\u003e= 1.7.0, \u003c 1.7.15" }, { "status": "affected", "version": "= 1.8.0" } ] } ], "descriptions": [ { "lang": "en", "value": "dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. 
Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to `INADDR_ANY (0.0.0.0)` or `IN6ADDR_ANY (::)` exposes an application on all network interfaces, increasing the risk of unauthorized access. As stated in the Python docs, a special form for address is accepted instead of a host address: `\u0027\u0027` represents `INADDR_ANY`, equivalent to `\"0.0.0.0\"`. On systems with IPv6, \u0027\u0027 represents `IN6ADDR_ANY`, which is equivalent to `\"::\"`. A user who serves docs on an unsecured public network, may unknowingly be hosting an unsecured (http) web site for any remote user/system to access on the same network. The issue has has been mitigated in dbt-core v1.6.15, dbt-core v1.7.15, and dbt-core v1.8.1 by binding to localhost explicitly by default in `dbt docs serve`.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327: Binding to an Unrestricted IP Address", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-27T17:17:39.875Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349" }, { "name": "https://github.com/dbt-labs/dbt-core/issues/10209", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/issues/10209" }, { "name": "https://github.com/dbt-labs/dbt-core/pull/10208", "tags": [ "x_refsource_MISC" ], "url": 
"https://github.com/dbt-labs/dbt-core/pull/10208" }, { "name": "https://github.com/dbt-labs/dbt-core/commit/0c08d7a19ad1740be3cb0b2e6d9d64f6537176f7", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/commit/0c08d7a19ad1740be3cb0b2e6d9d64f6537176f7" }, { "name": "https://cwe.mitre.org/data/definitions/1327.html", "tags": [ "x_refsource_MISC" ], "url": "https://cwe.mitre.org/data/definitions/1327.html" }, { "name": "https://docs.python.org/3/library/socket.html#socket-families", "tags": [ "x_refsource_MISC" ], "url": "https://docs.python.org/3/library/socket.html#socket-families" }, { "name": "https://docs.securesauce.dev/rules/PY030", "tags": [ "x_refsource_MISC" ], "url": "https://docs.securesauce.dev/rules/PY030" }, { "name": "https://github.com/dbt-labs/dbt-core/blob/main/core/dbt/task/docs/serve.py#L23C38-L23C39", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/blob/main/core/dbt/task/docs/serve.py#L23C38-L23C39" }, { "name": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.6.15", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.6.15" }, { "name": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.7.15", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.7.15" }, { "name": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.8.1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.8.1" } ], "source": { "advisory": "GHSA-pmrx-695r-4349", "discovery": "UNKNOWN" }, "title": "dbt allows Binding to an Unrestricted IP Address via socketsocket" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-36105", "datePublished": "2024-05-27T17:17:39.875Z", "dateReserved": "2024-05-20T21:07:48.186Z", "dateUpdated": "2024-08-21T14:20:58.463Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": 
"5.1" }
CVE-2024-47176 (GCVE-0-2024-47176)
Vulnerability from cvelistv5
- CWE-1327 - Binding to an Unrestricted IP Address
Vendor | Product | Version
---|---|---
OpenPrinting | cups-browsed | <= 2.0.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-09-27T19:39:10.340Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/09/27/6" }, { "url": "https://github.com/OpenPrinting/cups-browsed/commit/1debe6b140c37e0aa928559add4abcc95ce54aa2" } ], "title": "CVE Program Container", "x_generator": { "engine": "ADPogram 0.0.1" } }, { "affected": [ { "cpes": [ "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cups", "vendor": "openprinting", "versions": [ { "status": "affected", "version": "2.0.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-47176", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-27T18:10:15.456578Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-27T18:13:04.491Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cups-browsed", "vendor": "OpenPrinting", "versions": [ { "status": "affected", "version": "\u003c= 2.0.1" } ] } ], "descriptions": [ { "lang": "en", "value": "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327: Binding to an Unrestricted IP Address", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:16:51.368Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8" }, { "name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47" }, { "name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5" }, { "name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6" }, { "name": "https://github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c#L13992", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c#L13992" }, { "name": "https://www.cups.org", "tags": [ "x_refsource_MISC" ], "url": "https://www.cups.org" }, { "name": 
"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I", "tags": [ "x_refsource_MISC" ], "url": "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I" } ], "source": { "advisory": "GHSA-rj88-6mr5-rcw8", "discovery": "UNKNOWN" }, "title": "cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-47176", "datePublished": "2024-09-26T21:13:05.913Z", "dateReserved": "2024-09-19T22:32:11.962Z", "dateUpdated": "2024-10-02T19:16:51.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-49382 (GCVE-0-2024-49382)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Acronis | Acronis Cyber Protect 16 | Version: unspecified ≤
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49382", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T12:46:18.366227Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T12:46:35.938Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux", "Windows" ], "product": "Acronis Cyber Protect 16", "vendor": "Acronis", "versions": [ { "lessThan": "38690", "status": "affected", "version": "unspecified", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." } ], "metrics": [ { "cvssV3_0": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T10:32:55.845Z", "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis" }, "references": [ { "name": "SEC-7286", "tags": [ "vendor-advisory" ], "url": "https://security-advisory.acronis.com/advisories/SEC-7286" } ] } }, "cveMetadata": { "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "assignerShortName": "Acronis", "cveId": "CVE-2024-49382", "datePublished": "2024-10-15T10:32:55.845Z", "dateReserved": "2024-10-14T15:01:16.473Z", "dateUpdated": "2024-10-15T12:46:35.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-49383 (GCVE-0-2024-49383)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Acronis | Acronis Cyber Protect 16 | Version: unspecified ≤
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49383", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T12:46:37.448156Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T12:46:55.089Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux", "Windows" ], "product": "Acronis Cyber Protect 16", "vendor": "Acronis", "versions": [ { "lessThan": "38690", "status": "affected", "version": "unspecified", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." } ], "metrics": [ { "cvssV3_0": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T10:33:14.227Z", "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis" }, "references": [ { "name": "SEC-7285", "tags": [ "vendor-advisory" ], "url": "https://security-advisory.acronis.com/advisories/SEC-7285" } ] } }, "cveMetadata": { "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "assignerShortName": "Acronis", "cveId": "CVE-2024-49383", "datePublished": "2024-10-15T10:33:14.227Z", "dateReserved": "2024-10-14T15:01:16.473Z", "dateUpdated": "2024-10-15T12:46:55.089Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-49384 (GCVE-0-2024-49384)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Acronis | Acronis Cyber Protect 16 | Version: unspecified ≤
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49384", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T12:46:56.724045Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T12:47:14.120Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux", "Windows" ], "product": "Acronis Cyber Protect 16", "vendor": "Acronis", "versions": [ { "lessThan": "38690", "status": "affected", "version": "unspecified", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." } ], "metrics": [ { "cvssV3_0": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T10:33:52.655Z", "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis" }, "references": [ { "name": "SEC-7284", "tags": [ "vendor-advisory" ], "url": "https://security-advisory.acronis.com/advisories/SEC-7284" } ] } }, "cveMetadata": { "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "assignerShortName": "Acronis", "cveId": "CVE-2024-49384", "datePublished": "2024-10-15T10:33:52.655Z", "dateReserved": "2024-10-14T15:01:16.473Z", "dateUpdated": "2024-10-15T12:47:14.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-3621 (GCVE-0-2025-3621)
Vulnerability from cvelistv5
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-3621", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-07-15T13:30:14.655133Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-07-15T13:30:22.159Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "packageName": "Local Server", "platforms": [ "Windows" ], "product": "ActADUR", "vendor": "ProTNS", "versions": [ { "lessThan": "v2.0.2.0", "status": "affected", "version": "v2.0.1.9", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "oriax(\ubc15\uae30\ud0dd, Park Kitaek)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e* vulnerabilities:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\n\nImproper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\u003c/li\u003e\u003cli\u003eUse of Hard-coded Credentials\u003c/li\u003e\u003cli\u003eImproper Authentication\u003c/li\u003e\u003cli\u003eBinding to an Unrestricted IP Address\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003eThe vulnerability has been rated as critical.\u003cp\u003eThis issue affects ActADUR: from v2.0.1.9 before v2.0.2.0., hence updating to version v2.0.2.0. 
or above is required.\u003c/p\u003e" } ], "value": "Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems.\u00a0\n\n\n* vulnerabilities:\n * \n\nImproper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\n * Use of Hard-coded Credentials\n * Improper Authentication\n * Binding to an Unrestricted IP Address\n\n\n\nThe vulnerability has been rated as critical.This issue affects ActADUR: from v2.0.1.9 before v2.0.2.0., hence updating to version v2.0.2.0. or above is required." } ], "impacts": [ { "capecId": "CAPEC-253", "descriptions": [ { "lang": "en", "value": "CAPEC-253 Remote Code Inclusion" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 9.4, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { 
"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-1327", "description": "CWE-1327 Binding to an Unrestricted IP Address", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-15T07:22:49.897Z", "orgId": "09832df1-09c1-45b4-8a85-16c601d30feb", "shortName": "FSI" }, "references": [ { "url": "https://www.protns.com/53" } ], "source": { "discovery": "UNKNOWN" }, "title": "Remote Code Execution in ProTNS ActADUR", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "09832df1-09c1-45b4-8a85-16c601d30feb", "assignerShortName": "FSI", "cveId": "CVE-2025-3621", "datePublished": "2025-07-15T07:22:49.897Z", "dateReserved": "2025-04-15T00:51:18.177Z", "dateUpdated": "2025-07-15T13:30:22.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: System Configuration
Description:
- Assign IP addresses that are not 0.0.0.0.
Mitigation
Phase: System Configuration
Strategy: Firewall
Description:
- Unwanted connections to the configured server may be denied through a firewall or other packet filtering measures.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality, particularly URLs for web apps. If the administrator fails to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they are otherwise not supposed to access.