CWE-694
Use of Multiple Resources with Duplicate Identifier
The product uses multiple resources that can have the same identifier, in a context in which unique identifiers are required.
CVE-2020-15185 (GCVE-0-2020-15185)
Vulnerability from cvelistv5
Published
2020-09-17 21:30
Modified
2024-08-04 13:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-74", "description": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T21:30:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ], "source": { "advisory": "GHSA-jm56-5h66-w453", "discovery": "UNKNOWN" }, "title": "Duplicated chart entries in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15185", "STATE": "PUBLIC", "TITLE": "Duplicated chart entries in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e= 2.0.0, \u003c 2.16.11" }, { "version_value": "\u003e= 3.0.0, \u003c 3.3.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}" } ] }, { "description": [ { "lang": "eng", "value": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "name": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ] }, "source": { "advisory": "GHSA-jm56-5h66-w453", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15185", "datePublished": "2020-09-17T21:30:13", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-15187 (GCVE-0-2020-15187)
Vulnerability from cvelistv5
Published
2020-09-17 21:50
Modified
2025-05-29 22:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack.
To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2.
As a possible workaround make sure to install plugins using a secure connection protocol like SSL.
References
► | URL | Tags |
---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.691Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin\u0027s install hooks, causing a local execution attack.\nTo perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2.\nAs a possible workaround make sure to install plugins using a secure connection protocol like SSL." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "CWE-694: Use of Multiple Resources with Duplicate Identifier", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-29T22:59:03.267Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j" }, { "name": "https://github.com/helm/helm/commit/6aab63765f99050b115f0aec3d6350c85e8da946", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/6aab63765f99050b115f0aec3d6350c85e8da946" }, { "name": "https://github.com/helm/helm/commit/ac7c07c37d87e09797f714fb57aa5e9cb99d9450", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/ac7c07c37d87e09797f714fb57aa5e9cb99d9450" }, { "name": "https://github.com/helm/helm/commit/b0296c0522e837d65f944beefa3fb64fd08ac304", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/b0296c0522e837d65f944beefa3fb64fd08ac304" }, { "name": "https://github.com/helm/helm/commit/c8d6b01d72c9604e43ee70d0d78fadd54c2d8499", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/c8d6b01d72c9604e43ee70d0d78fadd54c2d8499" }, { "name": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b" }, { "name": "https://github.com/helm/helm/commit/f2ede29480b507b7d8bb152dd8b6b86248b00658", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/f2ede29480b507b7d8bb152dd8b6b86248b00658" } ], "source": { "advisory": "GHSA-c52f-pq47-2r9j", "discovery": "UNKNOWN" }, "title": "Duplicate plugin entries in Helm" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15187", "datePublished": "2020-09-17T21:50:12", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2025-05-29T22:59:03.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-3436 (GCVE-0-2021-3436)
Vulnerability from cvelistv5
Published
2021-10-05 20:50
Modified
2024-09-16 20:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-694 - Use of Multiple Resources with Duplicate Identifier ()
Summary
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63
References
► | URL | Tags |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
zephyrproject-rtos | zephyr |
Version: 1.14.2 < unspecified Version: 2.4.0 < unspecified Version: 2.5.0 < unspecified |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:53:17.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zephyr", "vendor": "zephyrproject-rtos", "versions": [ { "lessThan": "unspecified", "status": "affected", "version": "1.14.2", "versionType": "custom" }, { "lessThan": "unspecified", "status": "affected", "version": "2.4.0", "versionType": "custom" }, { "lessThan": "unspecified", "status": "affected", "version": "2.5.0", "versionType": "custom" } ] } ], "datePublic": "2021-06-11T00:00:00", "descriptions": [ { "lang": "en", "value": "BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions \u003e= 1.14.2, \u003e= 2.4.0, \u003e= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "Use of Multiple Resources with Duplicate Identifier (CWE-694)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-05T20:50:15", "orgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "shortName": "zephyr" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" } ], "source": { "defect": [ "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" ] }, "title": "BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "vulnerabilities@zephyrproject.org", "DATE_PUBLIC": "2021-06-11T00:00:00.000Z", "ID": "CVE-2021-3436", "STATE": "PUBLIC", "TITLE": "BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "zephyr", "version": { "version_data": [ { "version_affected": "\u003e=", "version_value": "1.14.2" }, { "version_affected": "\u003e=", "version_value": "2.4.0" }, { "version_affected": "\u003e=", "version_value": "2.5.0" } ] } } ] }, "vendor_name": "zephyrproject-rtos" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions \u003e= 1.14.2, \u003e= 2.4.0, \u003e= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 4.3, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 4.3, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use of Multiple Resources with Duplicate Identifier (CWE-694)" } ] } ] }, "references": { "reference_data": [ { "name": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63", "refsource": "MISC", "url": "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" } ] }, "source": { "defect": [ "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63" ] } } } }, "cveMetadata": { "assignerOrgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "assignerShortName": "zephyr", "cveId": "CVE-2021-3436", "datePublished": "2021-10-05T20:50:15.802366Z", "dateReserved": "2021-03-11T00:00:00", "dateUpdated": "2024-09-16T20:31:46.210Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-23721 (GCVE-0-2022-23721)
Vulnerability from cvelistv5
Published
2023-04-25 00:00
Modified
2025-02-04 14:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-694 - Use of Multiple Resources with Duplicate Identifier
Summary
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Ping Identity | unspecified |
Version: 2.9 < 2.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:51:45.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.pingidentity.com/r/en-us/pingid/davinci_pingid_windows_login_relnotes_2.9" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-23721", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-04T14:49:35.874858Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-04T14:49:49.619Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "unspecified", "vendor": "Ping Identity", "versions": [ { "lessThan": "2.9", "status": "affected", "version": "2.9", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "CWE-694 Use of Multiple Resources with Duplicate Identifier", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00.000Z", "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity" }, "references": [ { "url": "https://docs.pingidentity.com/r/en-us/pingid/davinci_pingid_windows_login_relnotes_2.9" } ], "source": { "advisory": "SECADV034", "defect": [ "PIM-3485" ], "discovery": "INTERNAL" }, "title": "PingID integration for Windows login duplicate username collision." } }, "cveMetadata": { "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "assignerShortName": "Ping Identity", "cveId": "CVE-2022-23721", "datePublished": "2023-04-25T00:00:00.000Z", "dateReserved": "2022-01-19T00:00:00.000Z", "dateUpdated": "2025-02-04T14:49:49.619Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-20100 (GCVE-0-2023-20100)
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error that occurs when certain conditions are met during the AP joining process. An attacker could exploit this vulnerability by adding an AP that is under their control to the network. The attacker then must ensure that the AP successfully joins an affected wireless controller under certain conditions. Additionally, the attacker would need the ability to restart a valid AP that was previously connected to the controller. A successful exploit could allow the attacker to cause the affected device to restart unexpectedly, resulting in a DoS condition.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:35.881Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20230322 Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-apjoin-dos-nXRHkt5" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-20100", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-25T14:35:54.618228Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-25T16:02:11.931Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software ", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2023-03-22T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error that occurs when certain conditions are met during the AP joining process. An attacker could exploit this vulnerability by adding an AP that is under their control to the network. The attacker then must ensure that the AP successfully joins an affected wireless controller under certain conditions. Additionally, the attacker would need the ability to restart a valid AP that was previously connected to the controller. A successful exploit could allow the attacker to cause the affected device to restart unexpectedly, resulting in a DoS condition." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "CWE-694", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-23T00:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20230322 Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-apjoin-dos-nXRHkt5" } ], "source": { "advisory": "cisco-sa-c9800-apjoin-dos-nXRHkt5", "defect": [ [ "CSCwc17898" ] ], "discovery": "INTERNAL" }, "title": "Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20100", "datePublished": "2023-03-23T00:00:00", "dateReserved": "2022-10-27T00:00:00", "dateUpdated": "2024-10-25T16:02:11.931Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-41146 (GCVE-0-2024-41146)
Vulnerability from cvelistv5
Published
2024-12-12 01:35
Modified
2024-12-12 15:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-694 - Use of Multiple Resources with Duplicate Identifier
Summary
Use of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perform a Denial-of-Service attack against HBUS connected devices, require a device reboot to resolve.
This issue affects: Controller 6000 and Controller 7000 firmware versions 9.10 prior to vCR9.10.241108a (distributed in 9.10.2149 (MR4)), 9.00 prior to vCR9.00.241108a (distributed in 9.00.2374 (MR5)), 8.90 prior to vCR8.90.241107a (distributed in 8.90.2356 (MR6)), all versions of 8.80 and prior.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Gallagher | Controller 6000 and Controller 7000 |
Version: 0 < Version: 9.10 < vCR9.10.241108a Version: 9.00 < vCR9.00.241108a Version: 8.90 < vCR8.90.241107a |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41146", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-12T15:18:57.979404Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-12T15:19:50.478Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "Controller 6000 and Controller 7000", "vendor": "Gallagher", "versions": [ { "lessThanOrEqual": "8.80", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "vCR9.10.241108a", "status": "affected", "version": "9.10", "versionType": "custom" }, { "lessThan": "vCR9.00.241108a", "status": "affected", "version": "9.00", "versionType": "custom" }, { "lessThan": "vCR8.90.241107a", "status": "affected", "version": "8.90", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUse of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perform a Denial-of-Service attack against HBUS connected devices, require a device reboot to resolve. \u003cbr\u003e\u003cbr\u003eThis issue affects:\u0026nbsp;Controller 6000 and Controller 7000 firmware versions 9.10 prior to vCR9.10.241108a (distributed in 9.10.2149 (MR4)), 9.00 prior to vCR9.00.241108a (distributed in 9.00.2374 (MR5)), 8.90 prior to vCR8.90.241107a (distributed in 8.90.2356 (MR6)),\u0026nbsp;all versions of 8.80 and prior.\n\n\u003c/span\u003e" } ], "value": "Use of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perform a Denial-of-Service attack against HBUS connected devices, require a device reboot to resolve. \n\nThis issue affects:\u00a0Controller 6000 and Controller 7000 firmware versions 9.10 prior to vCR9.10.241108a (distributed in 9.10.2149 (MR4)), 9.00 prior to vCR9.00.241108a (distributed in 9.00.2374 (MR5)), 8.90 prior to vCR8.90.241107a (distributed in 8.90.2356 (MR6)),\u00a0all versions of 8.80 and prior." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "CWE-694 Use of Multiple Resources with Duplicate Identifier", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-12T01:35:38.236Z", "orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "shortName": "Gallagher" }, "references": [ { "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-41146" } ], "source": { "discovery": "INTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "assignerShortName": "Gallagher", "cveId": "CVE-2024-41146", "datePublished": "2024-12-12T01:35:38.236Z", "dateReserved": "2024-08-28T02:46:11.165Z", "dateUpdated": "2024-12-12T15:19:50.478Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Architecture and Design
Description:
- Where possible, use unique identifiers. If non-unique identifiers are detected, then do not operate any resource with a non-unique identifier and report the error appropriately.
No CAPEC attack patterns related to this CWE.