CWE-424
Improper Protection of Alternate Path
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
CVE-2019-18996 (GCVE-0-2019-18996)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags |
---|---|---|
Vendor | Product | Version | ||
---|---|---|---|---|
ABB | PB610 Panel Builder 600 |
Version: unspecified < |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T02:02:39.897Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PB610 Panel Builder 600", "vendor": "ABB", "versions": [ { "lessThanOrEqual": "2.8.0.424", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "NSFOCUS for providing vulnerability details and proof of concept." } ], "descriptions": [ { "lang": "en", "value": "Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application\u2019s context." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424 Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-18T20:24:44", "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ], "source": { "defect": [ "ABBVU-RAMF-1908003" ], "discovery": "UNKNOWN" }, "title": "ABB PB610 HMIStudio accepts malicious DLL file in an application", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cybersecurity@ch.abb.com", "ID": "CVE-2019-18996", "STATE": "PUBLIC", "TITLE": "ABB PB610 HMIStudio accepts malicious DLL file in an application" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PB610 Panel Builder 600", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "2.8.0.424" } ] } } ] }, "vendor_name": "ABB" } ] } }, "credit": [ { "lang": "eng", "value": "NSFOCUS for providing vulnerability details and proof of concept." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application\u2019s context." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424 Improper Protection of Alternate Path" } ] } ] }, "references": { "reference_data": [ { "name": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch", "refsource": "MISC", "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ] }, "source": { "defect": [ "ABBVU-RAMF-1908003" ], "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "assignerShortName": "ABB", "cveId": "CVE-2019-18996", "datePublished": "2019-12-18T20:24:44", "dateReserved": "2019-11-15T00:00:00", "dateUpdated": "2024-08-05T02:02:39.897Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-18997 (GCVE-0-2019-18997)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags |
---|---|---|
Vendor | Product | Version | ||
---|---|---|---|---|
ABB | PB610 Panel Builder 600 |
Version: unspecified < |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T02:02:39.800Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PB610 Panel Builder 600", "vendor": "ABB", "versions": [ { "lessThanOrEqual": "2.8.0.424", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "NSFOCUS for providing vulnerability details and proof of concept." } ], "descriptions": [ { "lang": "en", "value": "The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424 Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-18T20:22:47", "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ], "source": { "defect": [ "ABBVU-RAMF-1908004" ], "discovery": "UNKNOWN" }, "title": "PB610 HMISimulator provides interface with access to arbitrary files", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cybersecurity@ch.abb.com", "ID": "CVE-2019-18997", "STATE": "PUBLIC", "TITLE": "PB610 HMISimulator provides interface with access to arbitrary files" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PB610 Panel Builder 600", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "2.8.0.424" } ] } } ] }, "vendor_name": "ABB" } ] } }, "credit": [ { "lang": "eng", "value": "NSFOCUS for providing vulnerability details and proof of concept." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424 Improper Protection of Alternate Path" } ] } ] }, "references": { "reference_data": [ { "name": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch", "refsource": "MISC", "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch" } ] }, "source": { "defect": [ "ABBVU-RAMF-1908004" ], "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "assignerShortName": "ABB", "cveId": "CVE-2019-18997", "datePublished": "2019-12-18T20:22:47", "dateReserved": "2019-11-15T00:00:00", "dateUpdated": "2024-08-05T02:02:39.800Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-3793 (GCVE-0-2021-3793)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Motorola | Binatone Hubble Cameras |
Version: various |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://binatoneglobal.com/security-advisory/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Binatone Hubble Cameras", "vendor": "Motorola", "versions": [ { "status": "affected", "version": "various" } ] } ], "credits": [ { "lang": "en", "value": "Motorola thanks Lenovo Global Security Lab for reporting these issues." } ], "descriptions": [ { "lang": "en", "value": "An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424 Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-12T22:05:52", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://binatoneglobal.com/security-advisory/" } ], "solutions": [ { "lang": "en", "value": "Update to the camera firmware version (or newer version) indicated in the Product Impact section of the Binatone Security Advisory: https://binatoneglobal.com/security-advisory/." } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@lenovo.com", "ID": "CVE-2021-3793", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Binatone Hubble Cameras", "version": { "version_data": [ { "version_affected": "=", "version_value": "various" } ] } } ] }, "vendor_name": "Motorola" } ] } }, "credit": [ { "lang": "eng", "value": "Motorola thanks Lenovo Global Security Lab for reporting these issues." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424 Improper Protection of Alternate Path" } ] } ] }, "references": { "reference_data": [ { "name": "https://binatoneglobal.com/security-advisory/", "refsource": "MISC", "url": "https://binatoneglobal.com/security-advisory/" } ] }, "solution": [ { "lang": "en", "value": "Update to the camera firmware version (or newer version) indicated in the Product Impact section of the Binatone Security Advisory: https://binatoneglobal.com/security-advisory/." } ], "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2021-3793", "datePublished": "2021-11-12T22:05:52", "dateReserved": "2021-09-09T00:00:00", "dateUpdated": "2024-08-03T17:09:08.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1742 (GCVE-0-2022-1742)
Vulnerability from cvelistv5
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
► | Dominion Voting Systems | ImageCast X application |
Version: Version 5.5-A Versions 5.5.10.30 and 5.5.10.32 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.804Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-1742", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-17T15:55:17.809851Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-17T18:46:56.195Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ImageCast X application", "vendor": "Dominion Voting Systems", "versions": [ { "status": "affected", "version": "Version 5.5-A Versions 5.5.10.30 and 5.5.10.32" } ] }, { "product": "ImageCast X firmware", "vendor": "Dominion Voting Systems", "versions": [ { "status": "affected", "version": "Version 5.5-A" } ] } ], "datePublic": "2022-06-03T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-24T15:00:26.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01" } ], "source": { "discovery": "UNKNOWN" }, "title": "2.2.4 IMPROPER PROTECTION OF ALTERNATE PATH CWE-424", "x_legacyV4Record": { "CVE_data_meta": { "AKA": "", "ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "20220603T06:00:00.000000Z", "ID": "CVE-2022-1742", "STATE": "PUBLIC", "TITLE": "2.2.4 IMPROPER PROTECTION OF ALTERNATE PATH CWE-424" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ImageCast X application", "version": { "version_data": [ { "platform": "", "version_affected": "None", "version_name": "Version 5.5-A", "version_value": "Versions 5.5.10.30 and 5.5.10.32" } ] } } ] }, "vendor_name": "Dominion Voting Systems" }, { "product": { "product_data": [ { "product_name": "ImageCast X firmware", "version": { "version_data": [ { "platform": "", "version_affected": "None", "version_name": "", "version_value": "Version 5.5-A" } ] } } ] }, "vendor_name": "Dominion Voting Systems" } ] } }, "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01" } ] }, "solution": [], "source": { "advisory": "", "defect": [], "discovery": "UNKNOWN" }, "work_around": [] } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-1742", "datePublished": "2022-06-24T15:00:26.248Z", "dateReserved": "2022-05-16T00:00:00.000Z", "dateUpdated": "2025-04-17T18:46:56.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-24932 (GCVE-0-2022-24932)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags |
---|---|---|
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
► | Samsung Mobile | Samsung Mobile Devices |
Version: Q(10), R(11), S(12) < SMR Mar-2022 Release 1 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:29:01.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "SMR Mar-2022 Release 1 ", "status": "affected", "version": "Q(10), R(11), S(12)", "versionType": "custom" } ] }, { "product": "Samsung Clould", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "5.1.0.8", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424: Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-08T13:46:36", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=3" } ], "source": { "discovery": "UNKNOWN" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2022-24932", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Samsung Mobile Devices", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "Q(10), R(11), S(12)", "version_value": "SMR Mar-2022 Release 1 " } ] } }, { "product_name": "Samsung Clould", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "-", "version_value": "5.1.0.8" } ] } } ] }, "vendor_name": "Samsung Mobile" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424: Improper Protection of Alternate Path" } ] } ] }, "references": { "reference_data": [ { "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=3", "refsource": "MISC", "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=3" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2022-24932", "datePublished": "2022-03-08T13:46:36", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-03T04:29:01.593Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-28782 (GCVE-0-2022-28782)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags |
---|---|---|
Vendor | Product | Version | ||
---|---|---|---|---|
Samsung Mobile | Samsung Mobile Devices |
Version: Select R(11), S(12) devices < SMR May-2022 Release 1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:03:52.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "SMR May-2022 Release 1", "status": "affected", "version": "Select R(11), S(12) devices", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424: Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-03T19:40:19", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=5" } ], "source": { "discovery": "UNKNOWN" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2022-28782", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Samsung Mobile Devices", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "Select R(11), S(12) devices", "version_value": "SMR May-2022 Release 1" } ] } } ] }, "vendor_name": "Samsung Mobile" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-424: Improper Protection of Alternate Path" } ] } ] }, "references": { "reference_data": [ { "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=5", "refsource": "MISC", "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=5" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2022-28782", "datePublished": "2022-05-03T19:40:19", "dateReserved": "2022-04-07T00:00:00", "dateUpdated": "2024-08-03T06:03:52.696Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-0629 (GCVE-0-2023-0629)
Vulnerability from cvelistv5
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Docker Inc. | Docker Desktop |
Version: 4.13.0 ≤ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:50.272Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "release-notes", "x_transferred" ], "url": "https://docs.docker.com/desktop/release-notes/#4170" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-0629", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-27T20:07:27.576557Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-27T20:12:56.479Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "Settings Management", "Enhanced Container Isolation" ], "platforms": [ "MacOS", "Windows (Hyper-V)", "Linux" ], "product": "Docker Desktop", "vendor": "Docker Inc.", "versions": [ { "lessThan": "4.17.0", "status": "affected", "version": "4.13.0", "versionType": "semver" } ] } ], "datePublic": "2023-03-13T11:15:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to \u003ctt\u003edocker.raw.sock\u003c/tt\u003e, or \u003ctt\u003enpipe:////.pipe/docker_engine_linux\u003c/tt\u003e on Windows, via the \u003ctt\u003e-H\u003c/tt\u003e (\u003ctt\u003e--host\u003c/tt\u003e) CLI flag or the \u003ctt\u003eDOCKER_HOST\u003c/tt\u003e environment variable and launch containers without the additional hardening features provided by ECI. This would not affect already running containers, nor containers launched through the usual approach (without Docker\u0027s raw socket).\u003cbr\u003e\u003cbr\u003eThe affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges.\u003cbr\u003e\u003cp\u003eThis issue has been fixed in Docker Desktop 4.17.0. \u003cbr\u003e\u003cbr\u003eAffected Docker Desktop versions: from 4.13.0 before 4.17.0.\u003c/p\u003e" } ], "value": "Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment variable and launch containers without the additional hardening features provided by ECI. This would not affect already running containers, nor containers launched through the usual approach (without Docker\u0027s raw socket).\n\nThe affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges.\nThis issue has been fixed in Docker Desktop 4.17.0. \n\nAffected Docker Desktop versions: from 4.13.0 before 4.17.0.\n\n" } ], "impacts": [ { "capecId": "CAPEC-554", "descriptions": [ { "lang": "en", "value": "CAPEC-554 Functionality Bypass" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424: Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-501", "description": "CWE-501: Trust Boundary Violation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-13T11:16:41.171Z", "orgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "shortName": "Docker" }, "references": [ { "tags": [ "release-notes" ], "url": "https://docs.docker.com/desktop/release-notes/#4170" } ], "source": { "discovery": "INTERNAL" }, "title": "Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "assignerShortName": "Docker", "cveId": "CVE-2023-0629", "datePublished": "2023-03-13T11:16:41.171Z", "dateReserved": "2023-02-01T22:40:41.487Z", "dateUpdated": "2025-02-27T20:12:56.479Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-20272 (GCVE-0-2023-20272)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco Identity Services Engine Software |
Version: 3.0.0 Version: 3.0.0 p1 Version: 3.0.0 p2 Version: 3.0.0 p3 Version: 3.0.0 p4 Version: 3.0.0 p5 Version: 3.0.0 p6 Version: 3.0.0 p7 Version: 3.1.0 Version: 3.1.0 p1 Version: 3.1.0 p3 Version: 3.1.0 p4 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:05:36.852Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-ise-mult-j-KxpNynR", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-mult-j-KxpNynR" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Identity Services Engine Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.0.0" }, { "status": "affected", "version": "3.0.0 p1" }, { "status": "affected", "version": "3.0.0 p2" }, { "status": "affected", "version": "3.0.0 p3" }, { "status": "affected", "version": "3.0.0 p4" }, { "status": "affected", "version": "3.0.0 p5" }, { "status": "affected", "version": "3.0.0 p6" }, { "status": "affected", "version": "3.0.0 p7" }, { "status": "affected", "version": "3.1.0" }, { "status": "affected", "version": "3.1.0 p1" }, { "status": "affected", "version": "3.1.0 p3" }, { "status": "affected", "version": "3.1.0 p4" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This vulnerability is due to insufficient file input validation. An attacker could exploit this vulnerability by uploading a malicious file to the web interface. A successful exploit could allow the attacker to replace files and gain access to sensitive server-side information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "Improper Protection of Alternate Path", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:58:37.474Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ise-mult-j-KxpNynR", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-mult-j-KxpNynR" } ], "source": { "advisory": "cisco-sa-ise-mult-j-KxpNynR", "defects": [ "CSCwc45768" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20272", "datePublished": "2023-11-21T18:49:16.737Z", "dateReserved": "2022-10-27T18:47:50.373Z", "dateUpdated": "2024-08-02T09:05:36.852Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-46176 (GCVE-0-2023-46176)
Vulnerability from cvelistv5
- CWE-424 - Improper Protection of Alternate Path
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | MQ Appliance |
Version: 9.3 CD |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:39.953Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7060769" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/269535" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-46176", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-04T20:27:15.963875Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-04T20:29:27.069Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "MQ Appliance", "vendor": "IBM", "versions": [ { "status": "affected", "version": "9.3 CD" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535." } ], "value": "IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424 Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-03T00:06:38.556Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7060769" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/269535" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM MQ privilege escalation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-46176", "datePublished": "2023-11-03T00:06:38.556Z", "dateReserved": "2023-10-17T22:30:29.595Z", "dateUpdated": "2024-09-04T20:29:27.069Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-5165 (GCVE-0-2023-5165)
Vulnerability from cvelistv5
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Docker Inc. | Docker Desktop |
Version: 4.13.0 ≤ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:07.697Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "release-notes", "x_transferred" ], "url": "https://docs.docker.com/desktop/release-notes/#4230" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5165", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-24T15:55:31.117566Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-24T15:55:38.645Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Windows", "MacOS", "Linux", "x86", "ARM" ], "product": "Docker Desktop", "vendor": "Docker Inc.", "versions": [ { "lessThan": "4.23.0", "status": "affected", "version": "4.13.0", "versionType": "semver" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Enhanced Container Isolation enabled (only available for Docker Business users)" } ], "value": "Enhanced Container Isolation enabled (only available for Docker Business users)" } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "L. Kofler" } ], "datePublic": "2023-09-11T10:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDocker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. \u003cbr\u003e\u003cbr\u003eThis issue has been fixed in Docker Desktop 4.23.0. \u003cbr\u003e\u003cbr\u003eAffected Docker Desktop versions: from 4.13.0 before 4.23.0.\u003c/span\u003e\u003cbr\u003e" } ], "value": "Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. \n\nThis issue has been fixed in Docker Desktop 4.23.0. \n\nAffected Docker Desktop versions: from 4.13.0 before 4.23.0.\n" } ], "impacts": [ { "capecId": "CAPEC-554", "descriptions": [ { "lang": "en", "value": "CAPEC-554 Functionality Bypass" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-424", "description": "CWE-424: Improper Protection of Alternate Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-25T15:29:12.869Z", "orgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "shortName": "Docker" }, "references": [ { "tags": [ "release-notes" ], "url": "https://docs.docker.com/desktop/release-notes/#4230" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update to version 4.23.0" } ], "value": "Update to version 4.23.0" } ], "source": { "discovery": "EXTERNAL" }, "title": "Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "assignerShortName": "Docker", "cveId": "CVE-2023-5165", "datePublished": "2023-09-25T15:29:12.869Z", "dateReserved": "2023-09-25T14:05:45.905Z", "dateUpdated": "2024-09-24T15:55:38.645Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Architecture and Design
Description:
- Deploy different layers of protection to implement security in depth.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-554: Functionality Bypass
An adversary attacks a system by bypassing some or all functionality intended to protect it. Often, a system user will think that protection is in place, but the functionality behind those protections has been disabled by the adversary.