Lucene search
K

CVE-2024-52337

🗓️ 26 Nov 2024 15:21:17Reported by redhatType 
cve
 cve
🔗 web.nvd.nist.gov👁 140 Views

Improper sanitization in TuneD package allows log spoofing and potential admin tricker

Related
Detection
Affected
Refs
Vulners
Node
redhattunedRange2.23.02.24.1
OR
redhatenterprise_linuxMatch7fastdatapath
OR
redhatenterprise_linuxMatch8fastdatapath
OR
redhatenterprise_linuxMatch9fastdatapath
OROROROROR
redhatenterprise_linuxMatch8appstream
OROROROROROR
redhatrhel_ausMatch8.4appstream
OR
redhatrhel_e4sMatch8.4appstream
OR
redhatrhel_e4sMatch8.4sap
OR
redhatrhel_e4sMatch8.4sap_hana
OR
redhatrhel_tusMatch8.4appstream
OR
redhatrhel_tusMatch8.4nfv
OR
redhatrhel_tusMatch8.4realtime
OR
redhatrhel_ausMatch8.4baseos
OR
redhatrhel_e4sMatch8.4baseos
OR
redhatrhel_tusMatch8.4baseos
OR
redhatrhel_ausMatch8.6appstream
OR
redhatrhel_e4sMatch8.6appstream
OR
redhatrhel_e4sMatch8.6nfv
OR
redhatrhel_e4sMatch8.6sap
OR
redhatrhel_e4sMatch8.6sap_hana
OR
redhatrhel_tusMatch8.6appstream
OR
redhatrhel_tusMatch8.6nfv
OR
redhatrhel_tusMatch8.6realtime
OR
redhatrhel_ausMatch8.6baseos
OR
redhatrhel_e4sMatch8.6baseos
OR
redhatrhel_tusMatch8.6baseos
OR
redhatrhel_eusMatch8.8appstream
OR
redhatrhel_eusMatch8.8nfv
OR
redhatrhel_eusMatch8.8realtime
OR
redhatrhel_eusMatch8.8sap
OR
redhatrhel_eusMatch8.8sap_hana
OR
redhatrhel_eusMatch8.8baseos
OR
redhatenterprise_linuxMatch9appstream
OROROROROROR
redhatrhel_eusMatch9.2appstream
OR
redhatrhel_eusMatch9.2nfv
OR
redhatrhel_eusMatch9.2realtime
OR
redhatrhel_eusMatch9.2sap
OR
redhatrhel_eusMatch9.2sap_hana
OR
redhatrhel_eusMatch9.2baseos
OR
redhatrhel_eusMatch9.4appstream
OR
redhatrhel_eusMatch9.4nfv
OR
redhatrhel_eusMatch9.4realtime
OR
redhatrhel_eusMatch9.4sap
OR
redhatrhel_eusMatch9.4sap_hana
OR
redhatrhel_eusMatch9.4baseos
[
  {
    "versions": [
      {
        "status": "affected",
        "version": "2.23.0",
        "lessThan": "2.24.1",
        "versionType": "semver"
      }
    ],
    "packageName": "tuned",
    "collectionURL": "https://github.com/redhat-performance/tuned",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-5.el7fdp.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-13.el7_9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_extras_rt_els:7",
      "cpe:/a:redhat:rhel_extras_sap_els:7",
      "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
      "cpe:/o:redhat:rhel_els:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.11.0-13.el7_9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_extras_rt_els:7",
      "cpe:/a:redhat:rhel_extras_sap_els:7",
      "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
      "cpe:/o:redhat:rhel_els:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.22.1-5.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::appstream",
      "cpe:/a:redhat:enterprise_linux:8::nfv",
      "cpe:/a:redhat:enterprise_linux:8::realtime",
      "cpe:/a:redhat:enterprise_linux:8::sap",
      "cpe:/a:redhat:enterprise_linux:8::sap_hana",
      "cpe:/o:redhat:enterprise_linux:8::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.22.1-5.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::appstream",
      "cpe:/a:redhat:enterprise_linux:8::nfv",
      "cpe:/a:redhat:enterprise_linux:8::realtime",
      "cpe:/a:redhat:enterprise_linux:8::sap",
      "cpe:/a:redhat:enterprise_linux:8::sap_hana",
      "cpe:/o:redhat:enterprise_linux:8::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/o:redhat:rhel_tus:8.4::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/o:redhat:rhel_tus:8.4::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::sap",
      "cpe:/a:redhat:rhel_e4s:8.4::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::nfv",
      "cpe:/a:redhat:rhel_tus:8.4::realtime",
      "cpe:/o:redhat:rhel_aus:8.4::baseos",
      "cpe:/o:redhat:rhel_e4s:8.4::baseos",
      "cpe:/o:redhat:rhel_tus:8.4::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::nfv",
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/o:redhat:rhel_tus:8.6::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::nfv",
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/o:redhat:rhel_tus:8.6::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-1.el8_6.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::appstream",
      "cpe:/a:redhat:rhel_e4s:8.6::nfv",
      "cpe:/a:redhat:rhel_e4s:8.6::sap",
      "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
      "cpe:/a:redhat:rhel_tus:8.6::appstream",
      "cpe:/a:redhat:rhel_tus:8.6::nfv",
      "cpe:/a:redhat:rhel_tus:8.6::realtime",
      "cpe:/o:redhat:rhel_aus:8.6::baseos",
      "cpe:/o:redhat:rhel_e4s:8.6::baseos",
      "cpe:/o:redhat:rhel_tus:8.6::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-2.el8_8.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:8.8::appstream",
      "cpe:/a:redhat:rhel_eus:8.8::nfv",
      "cpe:/a:redhat:rhel_eus:8.8::realtime",
      "cpe:/a:redhat:rhel_eus:8.8::sap",
      "cpe:/a:redhat:rhel_eus:8.8::sap_hana",
      "cpe:/o:redhat:rhel_eus:8.8::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::nfv",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::sap",
      "cpe:/a:redhat:enterprise_linux:9::sap_hana",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.24.0-2.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::nfv",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::sap",
      "cpe:/a:redhat:enterprise_linux:9::sap_hana",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.20.0-3.el9_2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.2::appstream",
      "cpe:/a:redhat:rhel_eus:9.2::nfv",
      "cpe:/a:redhat:rhel_eus:9.2::realtime",
      "cpe:/a:redhat:rhel_eus:9.2::sap",
      "cpe:/a:redhat:rhel_eus:9.2::sap_hana",
      "cpe:/o:redhat:rhel_eus:9.2::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.22.1-3.el9_4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.4::appstream",
      "cpe:/a:redhat:rhel_eus:9.4::nfv",
      "cpe:/a:redhat:rhel_eus:9.4::realtime",
      "cpe:/a:redhat:rhel_eus:9.4::sap",
      "cpe:/a:redhat:rhel_eus:9.4::sap_hana",
      "cpe:/o:redhat:rhel_eus:9.4::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tuned",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

26 Jun 2026 02:16Current
5.3Medium risk
Vulners AI Score5.3
CVSS 3.15.5
EPSS0.00298
SSVC
140