Source: cvelist (GitHub_M), CVELIST:CVE-2024-28111
History: Mar 06, 2024 - 9:15 p.m.

CVE-2024-28111 CSV Injection in exported history CSV files

Published: 2024-03-06 21:15:02
CWE: CWE-1236
CNA: GitHub_M
Reference: www.cve.org
Tags: cve-2024-28111, canarytokens, csv injection, history export, code execution, microsoft excel, security fix

CVSS3: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS: 0.0004 Low
EPSS Percentile: 9.1%

Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken’s incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-based Canarytoken to target the Canarytoken’s owner, if the owner exports the incident history to CSV and opens it in a reader application such as Microsoft Excel. The impact is that this issue could lead to code execution on the machine on which the CSV file is opened. Version sha-c595a1f8 contains a fix for this issue.
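The root cause described above is that fields an attacker controls (whatever the party triggering the token sends, such as a User-Agent header) are written into CSV cells verbatim, and a spreadsheet reader interprets a cell whose first non-space character is =, +, -, @, tab or carriage return as a formula. The following Python is an added example of the usual mitigation, not Canarytokens' own code or the actual fix in sha-c595a1f8: the incident column names and the sample incidents are constructed, and the payload is a harmless =SUM() so the export can be inspected safely. It shows the exporter with neutralization switched off (the vulnerable shape) beside the hardened form, and a checker that parses an export and flags any cell that would still be read as a formula.

```python
import csv
import io

# Characters that spreadsheet readers (Excel, LibreOffice Calc) treat as the
# start of a formula when they are the first non-space character of a cell.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Hypothetical incident columns; the real export schema is not on the page.
FIELDNAMES = ("timestamp", "src_ip", "user_agent")

# Constructed sample incidents. The second user_agent is the kind of
# attacker-controlled value that triggers the bug: whoever hits the token
# chooses the string, so the owner's spreadsheet sees a cell starting with "=".
INCIDENTS = [
    {"timestamp": "2024-03-06T21:15:02Z", "src_ip": "203.0.113.7",
     "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    {"timestamp": "2024-03-06T21:16:40Z", "src_ip": "198.51.100.9",
     "user_agent": "=SUM(1,2)"},
]


def neutralize_cell(value):
    """Return a cell value that a spreadsheet will interpret as plain text.

    Numbers keep their numeric form, so a negative count is not turned into
    text. Strings whose first non-space character is a formula trigger get a
    leading single quote, the text-prefix marker spreadsheet readers honour.
    """
    if value is None:
        return ""
    if isinstance(value, (int, float)):
        return str(value)
    text = str(value)
    stripped = text.lstrip(" ")
    if stripped and stripped[0] in FORMULA_TRIGGERS:
        return "'" + text
    return text


def export_incidents_csv(rows, fieldnames=FIELDNAMES, neutralize=True):
    """Serialize incident dicts to CSV.

    With neutralize=False every cell is written verbatim (the vulnerable
    behaviour). With neutralize=True each cell passes through
    neutralize_cell(). QUOTE_ALL additionally wraps every cell in double
    quotes and doubles embedded quotes, so a value containing commas,
    newlines or quotes cannot spill into neighbouring cells or rows.
    """
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for row in rows:
        if neutralize:
            writer.writerow({n: neutralize_cell(row.get(n)) for n in fieldnames})
        else:
            writer.writerow({n: "" if row.get(n) is None else str(row.get(n))
                             for n in fieldnames})
    return buf.getvalue()


def is_safe_csv(text):
    """Parse CSV text and report whether every cell is free of formula triggers.

    Usable as a regression test on the exporter, or to check an export that
    came from an unpatched version before opening it in a spreadsheet.
    """
    for record in csv.reader(io.StringIO(text)):
        for cell in record:
            stripped = cell.lstrip(" ")
            if stripped and stripped[0] in FORMULA_TRIGGERS:
                return False
    return True


if __name__ == "__main__":
    print("vulnerable export safe:", is_safe_csv(export_incidents_csv(INCIDENTS, neutralize=False)))
    hardened = export_incidents_csv(INCIDENTS)
    print(hardened)
    print("hardened export safe:", is_safe_csv(hardened))
```

The single-quote prefix is the mitigation OWASP recommends for CSV injection; some spreadsheet tools show the apostrophe in the imported cell, which is the accepted cost of keeping the original value recoverable. Quoting every cell is a separate defence against delimiter and newline injection and should be kept even when a different neutralization (such as stripping the trigger character) is chosen.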

CNA Affected

[
  {
    "vendor": "thinkst",
    "product": "canarytokens",
    "versions": [
      {
        "version": "< sha-c595a1f8",
        "status": "affected"
      }
    ]
  }
]
