Lucene search

K

CVE-2024-52337

🗓️ 26 Nov 2024 16:17:15Reported by redhatType 
cve
 cve
🔗 web.nvd.nist.gov👁 45 Views

Improper sanitization in TuneD package allows log spoofing and potential admin tricker

Show more
Related
Affected
Refs
[
  {
    "versions": [
      {
        "status": "affected",
        "version": "2.23.0",
        "lessThan": "2.24.1",
        "versionType": "semver"
      }
    ],
    "packageName": "tuned",
    "collectionURL": "https://github.com/redhat-performance/tuned",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-5.el7fdp.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-13.el7_9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_els:7",
      "cpe:/a:redhat:rhel_extras_rt_els:7",
      "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
      "cpe:/a:redhat:rhel_extras_sap_els:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-13.el7_9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_els:7",
      "cpe:/a:redhat:rhel_extras_rt_els:7",
      "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
      "cpe:/a:redhat:rhel_extras_sap_els:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.22.1-5.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::realtime",
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::nfv",
      "cpe:/a:redhat:enterprise_linux:8::appstream",
      "cpe:/a:redhat:enterprise_linux:8::sap",
      "cpe:/a:redhat:enterprise_linux:8::sap_hana"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.22.1-5.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::realtime",
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::nfv",
      "cpe:/a:redhat:enterprise_linux:8::appstream",
      "cpe:/a:redhat:enterprise_linux:8::sap",
      "cpe:/a:redhat:enterprise_linux:8::sap_hana"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/o:redhat:rhel_tus:8.4::baseos",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/o:redhat:rhel_tus:8.4::baseos",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/o:redhat:rhel_tus:8.4::baseos",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/o:redhat:rhel_tus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_tus:8.6::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/o:redhat:rhel_tus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_tus:8.6::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/o:redhat:rhel_tus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_tus:8.6::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-2.el8_8.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:8.8::sap_hana",
      "cpe:/a:redhat:rhel_eus:8.8::appstream",
      "cpe:/o:redhat:rhel_eus:8.8::baseos",
      "cpe:/a:redhat:rhel_eus:8.8::sap",
      "cpe:/a:redhat:rhel_eus:8.8::nfv",
      "cpe:/a:redhat:rhel_eus:8.8::realtime"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::sap_hana",
      "cpe:/a:redhat:enterprise_linux:9::nfv",
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::sap",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::realtime"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::sap_hana",
      "cpe:/a:redhat:enterprise_linux:9::nfv",
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::sap",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::realtime"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 Nov 2024 16:15Current
5.3Medium risk
Vulners AI Score5.3
CVSS35.5
EPSS0.001
SSVC
45
.json
Report