Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-0655
Vulnerability from csaf_certbund
Published
2025-03-30 22:00
Modified
2025-03-30 22:00
Summary
IBM InfoSphere Information Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.
Angriff
Ein entfernter authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen preiszugeben und Daten zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen preiszugeben und Daten zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-0655 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0655.json" }, { "category": "self", "summary": "WID-SEC-2025-0655 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0655" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7184980" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7185058" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7185450" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7184980" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7185020" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7185401" }, { "category": "external", "summary": "IBM Security Bulletin vom 2025-03-30", "url": "https://www.ibm.com/support/pages/node/7185454" } ], "source_lang": "en-US", "title": "IBM InfoSphere Information Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2025-03-30T22:00:00.000+00:00", "generator": { "date": "2025-03-31T08:54:44.366+00:00", "engine": { "name": "BSI-WID", "version": "1.3.12" } }, "id": "WID-SEC-W-2025-0655", "initial_release_date": "2025-03-30T22:00:00.000+00:00", "revision_history": [ { "date": "2025-03-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c11.7.1.0", "product": { "name": "IBM InfoSphere Information Server \u003c11.7.1.0", "product_id": "T042209" } }, { "category": "product_version", "name": "11.7.1.0", "product": { "name": "IBM InfoSphere Information Server 11.7.1.0", "product_id": "T042209-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:11.7.1.0" } } }, { "category": "product_version_range", "name": "Cloud \u003c11.7.1.6", "product": { "name": "IBM InfoSphere Information Server Cloud \u003c11.7.1.6", "product_id": "T042210" } }, { "category": "product_version", "name": "Cloud 11.7.1.6", "product": { "name": "IBM InfoSphere Information Server Cloud 11.7.1.6", "product_id": "T042210-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:cloud__11.7.1.6" } } } ], "category": "product_name", "name": "InfoSphere Information Server" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-31141", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-31141" }, { "cve": "CVE-2024-43186", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-43186" }, { "cve": "CVE-2024-51477", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-51477" }, { "cve": "CVE-2024-55895", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-55895" }, { "cve": "CVE-2024-7577", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-7577" }, { "cve": "CVE-2024-43382", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2024-43382" }, { "cve": "CVE-2025-24789", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2025-24789" }, { "cve": "CVE-2025-24790", "product_status": { "known_affected": [ "T042209", "T042210" ] }, "release_date": "2025-03-30T22:00:00.000+00:00", "title": "CVE-2025-24790" } ] }
CVE-2025-24790 (GCVE-0-2025-24790)
Vulnerability from cvelistv5
Published
2025-01-29 17:49
Modified
2025-02-12 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-276 - Incorrect Default Permissions
Summary
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0.
References
► | URL | Tags |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
snowflakedb | snowflake-jdbc |
Version: >= 3.6.8, < 3.22.0 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24790", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-29T18:00:01.732193Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T19:51:13.788Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "snowflake-jdbc", "vendor": "snowflakedb", "versions": [ { "status": "affected", "version": "\u003e= 3.6.8, \u003c 3.22.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276: Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-29T17:49:19.771Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-33g6-495w-v8j2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-33g6-495w-v8j2" }, { "name": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" } ], "source": { "advisory": "GHSA-33g6-495w-v8j2", "discovery": "UNKNOWN" }, "title": "Snowflake JDBC uses insecure temporary credential cache file permissions" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24790", "datePublished": "2025-01-29T17:49:19.771Z", "dateReserved": "2025-01-23T17:11:35.837Z", "dateUpdated": "2025-02-12T19:51:13.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-51477 (GCVE-0-2024-51477)
Vulnerability from cvelistv5
Published
2025-03-28 23:51
Modified
2025-03-31 13:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Discrepancy
Summary
IBM InfoSphere Information Server 11.7
could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-51477", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-31T13:47:57.242414Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-31T13:49:24.541Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "InfoSphere Information Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "11.7" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM InfoSphere Information Server 11.7 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould allow an authenticated to obtain sensitive username information due to an observable response discrepancy.\u003c/span\u003e" } ], "value": "IBM InfoSphere Information Server 11.7 \n\ncould allow an authenticated to obtain sensitive username information due to an observable response discrepancy." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-203", "description": "CWE-203 Observable Discrepancy", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-28T23:51:32.765Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7185058" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM InfoSphere Information Server information disclosure", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2024-51477", "datePublished": "2025-03-28T23:51:32.765Z", "dateReserved": "2024-10-28T10:50:18.701Z", "dateUpdated": "2025-03-31T13:49:24.541Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43186 (GCVE-0-2024-43186)
Vulnerability from cvelistv5
Published
2025-03-28 23:49
Modified
2025-04-01 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-256 - Plaintext Storage of a Password
Summary
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43186", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-31T14:23:03.458890Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-01T14:39:27.284Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "InfoSphere Information Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "11.7" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions." } ], "value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-256", "description": "CWE-256 Plaintext Storage of a Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-28T23:49:20.873Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7184980" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM InfoSphere Information Server information disclosure", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2024-43186", "datePublished": "2025-03-28T23:49:20.873Z", "dateReserved": "2024-08-07T13:29:34.028Z", "dateUpdated": "2025-04-01T14:39:27.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-31141 (GCVE-0-2024-31141)
Vulnerability from cvelistv5
Published
2024-11-19 08:40
Modified
2025-01-31 15:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.
Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.
In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.
In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.
This issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.
Users with affected applications are recommended to upgrade kafka-clients to version >=3.8.0, and set the JVM system property "org.apache.kafka.automatic.config.providers=none".
Users of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate "allowlist.pattern" and "allowed.paths" to restrict their operation to appropriate bounds.
For users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.
For users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Kafka Clients |
Version: 2.3.0 ≤ 3.5.2 Version: 3.6.0 ≤ 3.6.2 Version: 3.7.0 ≤ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2025-01-31T15:02:44.982Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/11/18/5" }, { "url": "https://security.netapp.com/advisory/ntap-20250131-0001/" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-31141", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T14:14:13.118831Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T14:15:34.254Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "org.apache.kafka:kafka-clients", "product": "Apache Kafka Clients", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "3.5.2", "status": "affected", "version": "2.3.0", "versionType": "semver" }, { "lessThanOrEqual": "3.6.2", "status": "affected", "version": "3.6.0", "versionType": "semver" }, { "status": "affected", "version": "3.7.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Greg Harris" }, { "lang": "en", "type": "remediation reviewer", "value": "Mickael Maison" }, { "lang": "en", "type": "remediation reviewer", "value": "Chris Egerton" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\u003cbr\u003e\u003cbr\u003eApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\u003cbr\u003eIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\u003cbr\u003e\u003cbr\u003eIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\u003cbr\u003e\u003cp\u003eThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers with affected applications are recommended to upgrade kafka-clients to version \u0026gt;=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\u003cbr\u003eUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\u003cbr\u003e\u003c/p\u003eFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property.\u003cbr\u003e\u003c/span\u003e" } ], "value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\n\nApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\nIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\n\nIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\nThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\n\n\nUsers with affected applications are recommended to upgrade kafka-clients to version \u003e=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\nUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\n\n\nFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\nFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-19T08:40:50.695Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv" } ], "source": { "discovery": "INTERNAL" }, "title": "Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2024-31141", "datePublished": "2024-11-19T08:40:50.695Z", "dateReserved": "2024-03-28T16:57:34.016Z", "dateUpdated": "2025-01-31T15:02:44.982Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-24789 (GCVE-0-2025-24789)
Vulnerability from cvelistv5
Published
2025-01-29 17:46
Modified
2025-02-12 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-426 - Untrusted Search Path
Summary
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0.
References
► | URL | Tags |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
snowflakedb | snowflake-jdbc |
Version: >= 3.2.3, < 3.22.0 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24789", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-29T18:01:39.158686Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T19:51:13.919Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "snowflake-jdbc", "vendor": "snowflakedb", "versions": [ { "status": "affected", "version": "\u003e= 3.2.3, \u003c 3.22.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-426", "description": "CWE-426: Untrusted Search Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-29T17:46:20.985Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf" }, { "name": "https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6" } ], "source": { "advisory": "GHSA-7hpq-3g6w-pvhf", "discovery": "UNKNOWN" }, "title": "Snowflake JDBC allows an untrusted search path on Windows" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24789", "datePublished": "2025-01-29T17:46:20.985Z", "dateReserved": "2025-01-23T17:11:35.836Z", "dateUpdated": "2025-02-12T19:51:13.919Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-55895 (GCVE-0-2024-55895)
Vulnerability from cvelistv5
Published
2025-03-29 12:22
Modified
2025-03-31 13:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Summary
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-55895", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-31T13:15:15.343901Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-31T13:15:23.408Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "InfoSphere Information Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "11.7" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system." } ], "value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-29T12:22:50.518Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7185450" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM InfoSphere Information Server information disclosure", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2024-55895", "datePublished": "2025-03-29T12:22:50.518Z", "dateReserved": "2024-12-12T18:07:11.451Z", "dateUpdated": "2025-03-31T13:15:23.408Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-7577 (GCVE-0-2024-7577)
Vulnerability from cvelistv5
Published
2025-03-28 23:50
Modified
2025-04-01 14:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Summary
IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-7577", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-31T14:22:26.899848Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-01T14:38:23.595Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "InfoSphere Information Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "11.7" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product." } ], "value": "IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-28T23:50:36.870Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7185020" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM InfoSphere Information Server information disclosure", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2024-7577", "datePublished": "2025-03-28T23:50:36.870Z", "dateReserved": "2024-08-06T23:47:36.907Z", "dateUpdated": "2025-04-01T14:38:23.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43382 (GCVE-0-2024-43382)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2024-10-31 14:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:snowflake:snowflake_jdbc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snowflake_jdbc", "vendor": "snowflake", "versions": [ { "lessThanOrEqual": "3.19.1", "status": "affected", "version": "3.2.6", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-43382", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-31T14:08:18.791494Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-326", "description": "CWE-326 Inadequate Encryption Strength", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T14:15:16.685Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Snowflake JDBC driver versions \u003e= 3.2.6 and \u003c= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-30T20:27:59.009714", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-43382", "datePublished": "2024-10-30T00:00:00", "dateReserved": "2024-08-10T00:00:00", "dateUpdated": "2024-10-31T14:15:16.685Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…