CWE-233
Improper Handling of Parameters
The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.
CVE-2020-10069 (GCVE-0-2020-10069)
Vulnerability from cvelistv5
Published
2021-05-24 21:40
Modified
2024-09-16 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters ()
Summary
Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| zephyrproject-rtos | zephyr |
Version: v1.14.2 < unspecified Version: v2.2.0 < unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:57.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "v1.14.2",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "v2.2.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions \u003e= v1.14.2, \u003e= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "Improper Handling of Parameters (CWE-233)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-24T21:40:25",
"orgId": "e2e69745-5e70-4e92-8431-deb5529a81ad",
"shortName": "zephyr"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
}
],
"source": {
"defect": [
"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
]
},
"title": "Zephyr Bluetooth unchecked packet data results in denial of service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerabilities@zephyrproject.org",
"DATE_PUBLIC": "2020-05-25T00:00:00.000Z",
"ID": "CVE-2020-10069",
"STATE": "PUBLIC",
"TITLE": "Zephyr Bluetooth unchecked packet data results in denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "zephyr",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "v1.14.2"
},
{
"version_affected": "\u003e=",
"version_value": "v2.2.0"
}
]
}
}
]
},
"vendor_name": "zephyrproject-rtos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions \u003e= v1.14.2, \u003e= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Handling of Parameters (CWE-233)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp",
"refsource": "MISC",
"url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
}
]
},
"source": {
"defect": [
"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp"
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e2e69745-5e70-4e92-8431-deb5529a81ad",
"assignerShortName": "zephyr",
"cveId": "CVE-2020-10069",
"datePublished": "2021-05-24T21:40:25.468262Z",
"dateReserved": "2020-03-04T00:00:00",
"dateUpdated": "2024-09-16T16:27:47.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0269 (GCVE-0-2021-0269)
Vulnerability from cvelistv5
Published
2021-04-22 19:37
Modified
2024-09-17 01:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded parameters within the HTTP/S session, access and exploit variables, bypass web application firewall rules or input validation mechanisms, and otherwise alter and modify J-Web's normal behavior. An attacker may be able to transition victims to malicious web services, or exfiltrate sensitive information from otherwise secure web forms. This issue affects: Juniper Networks Junos OS: All versions prior to 17.4R3-S3; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: unspecified < 17.4R3-S3 Version: 18.1 < 18.1R3-S12 Version: 18.2 < 18.2R3-S6 Version: 18.3 < 18.3R3-S4 Version: 18.4 < 18.4R3-S6 Version: 19.1 < 19.1R3-S4 Version: 19.2 < 19.2R3-S1 Version: 19.3 < 19.3R3-S1 Version: 19.4 < 19.4R2-S2, 19.4R3 Version: 20.1 < 20.1R2 Version: 20.2 < 20.2R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:10.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11160"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.4R3-S3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S12",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R3-S6",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S4",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R3-S6",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R3-S4",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R3-S1",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S1",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R2-S2, 19.4R3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue requires J-Web to be enabled on the device.\n\nThe examples of the config stanza affected by this issue:\n [system services web-management http]\n [system services web-management https]"
}
],
"datePublic": "2021-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded parameters within the HTTP/S session, access and exploit variables, bypass web application firewall rules or input validation mechanisms, and otherwise alter and modify J-Web\u0027s normal behavior. An attacker may be able to transition victims to malicious web services, or exfiltrate sensitive information from otherwise secure web forms. This issue affects: Juniper Networks Junos OS: All versions prior to 17.4R3-S3; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233: Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-22T19:37:25",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA11160"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S3, 18.1R3-S12, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.3R3-S1, 19.4R2-S2, 19.4R3, 20.1R2, 20.2R2, 20.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11160",
"defect": [
"1501588"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: J-Web can be compromised through reflected client-side HTTP parameter pollution attacks.",
"workarounds": [
{
"lang": "en",
"value": "To reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts. \n\nAccess the J-Web service from trusted hosts which may not be compromised by cross-site scripting attacks, for example, deploying jump hosts with no internet access.\n\nAlternatively, disable J-Web."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
"ID": "CVE-2021-0269",
"STATE": "PUBLIC",
"TITLE": "Junos OS: J-Web can be compromised through reflected client-side HTTP parameter pollution attacks."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "17.4R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S12"
},
{
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R2-S2, 19.4R3"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue requires J-Web to be enabled on the device.\n\nThe examples of the config stanza affected by this issue:\n [system services web-management http]\n [system services web-management https]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded parameters within the HTTP/S session, access and exploit variables, bypass web application firewall rules or input validation mechanisms, and otherwise alter and modify J-Web\u0027s normal behavior. An attacker may be able to transition victims to malicious web services, or exfiltrate sensitive information from otherwise secure web forms. This issue affects: Juniper Networks Junos OS: All versions prior to 17.4R3-S3; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-233: Improper Handling of Parameters"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11160",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA11160"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S3, 18.1R3-S12, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.3R3-S1, 19.4R2-S2, 19.4R3, 20.1R2, 20.2R2, 20.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11160",
"defect": [
"1501588"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts. \n\nAccess the J-Web service from trusted hosts which may not be compromised by cross-site scripting attacks, for example, deploying jump hosts with no internet access.\n\nAlternatively, disable J-Web."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-0269",
"datePublished": "2021-04-22T19:37:25.649841Z",
"dateReserved": "2020-10-27T00:00:00",
"dateUpdated": "2024-09-17T01:12:12.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1230 (GCVE-0-2021-1230)
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:03:51.718735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:39:28.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
],
"source": {
"advisory": "cisco-sa-n9kaci-bgp-De9dPKSK",
"defect": [
[
"CSCvr59494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1230",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-233"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
]
},
"source": {
"advisory": "cisco-sa-n9kaci-bgp-De9dPKSK",
"defect": [
[
"CSCvr59494"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1230",
"datePublished": "2021-02-24T19:30:30.975897Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:39:28.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45477 (GCVE-0-2021-45477)
Vulnerability from cvelistv5
Published
2023-03-02 08:24
Modified
2025-03-05 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yordam Information Technologies | Library Automation System |
Version: 0 < 19.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-45477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T21:14:02.192040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T21:14:14.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Library Automation System",
"vendor": "Yordam Information Technologies",
"versions": [
{
"lessThan": "19.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Oguzhan KARA"
}
],
"datePublic": "2023-03-02T08:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.\u003cp\u003eThis issue affects Library Automation System: before 19.2.\u003c/p\u003e"
}
],
"value": "Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-569",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-569 Collect Data as Provided by Users"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233 Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T08:24:10.566Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0119"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the software version to \u0026gt;=19.2"
}
],
"value": "Update the software version to \u003e=19.2"
}
],
"source": {
"advisory": "TR-23-0119",
"defect": [
"TR-23-0119"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Yordam Library Automation System",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2021-45477",
"datePublished": "2023-03-02T08:24:10.566Z",
"dateReserved": "2021-12-24T13:04:17.902Z",
"dateUpdated": "2025-03-05T21:14:14.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45478 (GCVE-0-2021-45478)
Vulnerability from cvelistv5
Published
2023-03-02 08:26
Modified
2025-03-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yordam Information Technologies | Library Automation System |
Version: 0 < 19.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-45478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T21:13:39.329487Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T21:13:43.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Library Automation System",
"vendor": "Yordam Information Technologies",
"versions": [
{
"lessThan": "19.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Oguzhan KARA"
}
],
"datePublic": "2023-03-02T08:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.\u003cp\u003eThis issue affects Library Automation System: before 19.2.\u003c/p\u003e"
}
],
"value": "Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-569",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-569 Collect Data as Provided by Users"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233 Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T08:26:02.908Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0119"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the software version to \u0026gt;=19.2"
}
],
"value": "Update the software version to \u003e=19.2"
}
],
"source": {
"advisory": "TR-23-0119",
"defect": [
"TR-23-0119"
],
"discovery": "UNKNOWN"
},
"title": "IDOR in Yordam Library Automation System",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2021-45478",
"datePublished": "2023-03-02T08:26:02.908Z",
"dateReserved": "2021-12-24T13:04:17.903Z",
"dateUpdated": "2025-03-05T21:13:43.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22792 (GCVE-0-2022-22792)
Vulnerability from cvelistv5
Published
2022-02-16 16:38
Modified
2024-09-17 02:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of url Parameters
Summary
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:21:49.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.gov.il/en/departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eharmony",
"vendor": "MobiSoft",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "MobiPlus",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dudu Moyal - Sophtix Security LTD"
}
],
"datePublic": "2022-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData\u0026amp;GridName=Users"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233 Improper Handling of url Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:07",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.gov.il/en/departments/faq/cve_advisories"
}
],
"solutions": [
{
"lang": "en",
"value": "An update was released which addresses the issue"
}
],
"source": {
"advisory": "ILVN-2022-0013",
"defect": [
"ILVN-2022-0013"
],
"discovery": "INTERNAL"
},
"title": "MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "INCD",
"ASSIGNER": "cna@cyber.gov.il",
"DATE_PUBLIC": "2022-02-01T12:26:00.000Z",
"ID": "CVE-2022-22792",
"STATE": "PUBLIC",
"TITLE": "MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eharmony",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "MobiPlus",
"version_value": "1.0"
}
]
}
}
]
},
"vendor_name": "MobiSoft"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dudu Moyal - Sophtix Security LTD"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData\u0026amp;GridName=Users"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-233 Improper Handling of url Parameters"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.gov.il/en/departments/faq/cve_advisories",
"refsource": "MISC",
"url": "https://www.gov.il/en/departments/faq/cve_advisories"
}
]
},
"solution": [
{
"lang": "en",
"value": "An update was released which addresses the issue"
}
],
"source": {
"advisory": "ILVN-2022-0013",
"defect": [
"ILVN-2022-0013"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2022-22792",
"datePublished": "2022-02-16T16:38:07.784746Z",
"dateReserved": "2022-01-07T00:00:00",
"dateUpdated": "2024-09-17T02:48:02.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32261 (GCVE-0-2022-32261)
Vulnerability from cvelistv5
Published
2022-06-14 09:22
Modified
2024-08-03 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SINEMA Remote Connect Server |
Version: 0 < V3.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:siemens:sinema_remote_connect_server:3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sinema_remote_connect_server",
"vendor": "siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32261",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T15:38:42.924758Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:40:53.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:50.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-484086.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SINEMA Remote Connect Server",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233: Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T12:04:19.406Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-484086.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-32261",
"datePublished": "2022-06-14T09:22:16",
"dateReserved": "2022-06-02T00:00:00",
"dateUpdated": "2024-08-03T07:39:50.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3697 (GCVE-0-2022-3697)
Vulnerability from cvelistv5
Published
2022-10-28 00:00
Modified
2025-02-13 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ansible, ansible community.aws, ansible amazon.aws |
Version: ansible from 2.5.0 before 2.10 Version: ansible community.aws before 2.0.0 Version: ansible amazon.aws from 2.1.0 before 5.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:03.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ansible-collections/amazon.aws/pull/1199"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ansible, ansible community.aws, ansible amazon.aws",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ansible from 2.5.0 before 2.10"
},
{
"status": "affected",
"version": "ansible community.aws before 2.0.0"
},
{
"status": "affected",
"version": "ansible amazon.aws from 2.1.0 before 5.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:06:27.294Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://github.com/ansible-collections/amazon.aws/pull/1199"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-3697",
"datePublished": "2022-10-28T00:00:00.000Z",
"dateReserved": "2022-10-26T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:32:52.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1419 (GCVE-0-2023-1419)
Vulnerability from cvelistv5
Published
2024-11-17 10:20
Modified
2024-11-18 18:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat build of Debezium |
cpe:/a:redhat:debezium:2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1419",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T18:55:47.959448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T18:56:00.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:debezium:2"
],
"defaultStatus": "unaffected",
"packageName": "mysql-connector-java",
"product": "Red Hat build of Debezium",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:integration:1"
],
"defaultStatus": "unknown",
"packageName": "mysql-connector-java",
"product": "Red Hat Integration Change Data Capture",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank lufei for reporting this issue."
}
],
"datePublic": "2024-06-04T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-17T10:20:36.408Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-1419"
},
{
"name": "RHBZ#2178722",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178722"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-02-13T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-06-04T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Debezium: script injection via connector parameter",
"x_redhatCweChain": "CWE-233: Improper Handling of Parameters"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-1419",
"datePublished": "2024-11-17T10:20:36.408Z",
"dateReserved": "2023-03-15T16:15:54.277Z",
"dateUpdated": "2024-11-18T18:56:00.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20076 (GCVE-0-2023-20076)
Vulnerability from cvelistv5
Published
2023-02-12 00:00
Modified
2024-10-28 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:19:27.545112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:34:17.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-05T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
}
],
"source": {
"advisory": "cisco-sa-iox-8whGn5dL",
"defect": [
[
"CSCwc66882"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOx Application Hosting Environment Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20076",
"datePublished": "2023-02-12T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:34:17.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
CAPEC-39: Manipulating Opaque Client-based Data Tokens
In circumstances where an application holds important data client-side in tokens (cookies, URLs, data files, and so forth) that data can be manipulated. If client or server-side application components reinterpret that data as authentication tokens or data (such as store item pricing or wallet information) then even opaquely manipulating that data may bear fruit for an Attacker. In this pattern an attacker undermines the assumption that client side tokens have been adequately protected from tampering through use of encryption or obfuscation.