CWE-687
Function Call With Incorrectly Specified Argument Value
The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.
CVE-2024-36985 (GCVE-0-2024-36985)
Vulnerability from cvelistv5
Published
2024-07-01 16:30
Modified
2025-02-28 11:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-687 - The software calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.
Summary
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 9.2 < 9.2.2 Version: 9.1 < 9.1.5 Version: 9.0 < 9.0.10 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*"
],
"defaultStatus": "unknown",
"product": "splunk",
"vendor": "splunk",
"versions": [
{
"lessThan": "9.2.2",
"status": "affected",
"version": "9.2",
"versionType": "custom"
},
{
"lessThan": "9.1.5",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "9.0.10",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T03:55:21.225866Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:35:12.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://advisory.splunk.com/advisories/SVD-2024-0705"
},
{
"tags": [
"x_transferred"
],
"url": "https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "9.2.2",
"status": "affected",
"version": "9.2",
"versionType": "custom"
},
{
"lessThan": "9.1.5",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "9.0.10",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alex Hordijk"
}
],
"datePublic": "2024-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application."
}
],
"value": "In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-687",
"description": "The software calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T11:03:58.932Z",
"orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"shortName": "Splunk"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-0705"
},
{
"url": "https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131"
}
],
"source": {
"advisory": "SVD-2024-0705"
},
"title": "Remote Code Execution (RCE) through an external lookup due to \u201ccopybuckets.py\u201c script in the \u201csplunk_archiver\u201c application in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"assignerShortName": "Splunk",
"cveId": "CVE-2024-36985",
"datePublished": "2024-07-01T16:30:57.461Z",
"dateReserved": "2024-05-30T16:36:20.999Z",
"dateUpdated": "2025-02-28T11:03:58.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49603 (GCVE-0-2024-49603)
Vulnerability from cvelistv5
Published
2024-12-09 14:29
Modified
2024-12-09 15:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-687 - Function Call With Incorrectly Specified Argument Value
Summary
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerScale OneFS |
Version: 8.2.2.x ≤ 9.7.1.2 Version: 9.8.0.0 ≤ 9.9.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T15:08:09.860137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T15:08:22.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "9.7.1.2",
"status": "affected",
"version": "8.2.2.x",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.9.0.0",
"status": "affected",
"version": "9.8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-04T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure."
}
],
"value": "Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-687",
"description": "CWE-687: Function Call With Incorrectly Specified Argument Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T14:29:49.906Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-49603",
"datePublished": "2024-12-09T14:29:49.906Z",
"dateReserved": "2024-10-17T05:03:48.988Z",
"dateUpdated": "2024-12-09T15:08:22.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22620 (GCVE-0-2025-22620)
Vulnerability from cvelistv5
Published
2025-01-20 15:38
Modified
2025-01-21 14:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GitoxideLabs | gitoxide |
Version: < 0.17.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22620",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:54:20.971258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:54:25.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gitoxide",
"vendor": "GitoxideLabs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.17.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-687",
"description": "CWE-687: Function Call With Incorrectly Specified Argument Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-20T15:38:32.388Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-fqmf-w4xh-33rh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-fqmf-w4xh-33rh"
}
],
"source": {
"advisory": "GHSA-fqmf-w4xh-33rh",
"discovery": "UNKNOWN"
},
"title": "gix-worktree-state nonexclusive checkout sets executable files world-writable"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-22620",
"datePublished": "2025-01-20T15:38:32.388Z",
"dateReserved": "2025-01-07T15:07:26.777Z",
"dateUpdated": "2025-01-21T14:54:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.