Lucene search

ZoweCVELIST:CVE-2024-6834

HistoryJul 17, 2024 - 2:44 p.m.

CVE-2024-6834 Imperative Local Command Injection allows Activity Masking

2024-07-1714:44:06

Zowe

www.cve.org

vulnerability

apiml

spring cloud gateway

user privileges

proxied request

zowe

client certificate

endpoint access

internal certificate

attacker access

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:T/RC:C/CR:H/IR:H/AR:M/MAV:N/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H

EPSS

Percentile

9.3%

JSON

A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe’s client certificate. This allows access to a user to the endpoints requiring an internal client certificate without any credentials. It could lead to managing components in there and allow an attacker to handle the whole communication including user credentials.

CNA Affected

[
  {
    "vendor": "Open Mainframe Project",
    "product": "Zowe",
    "versions": [
      {
        "version": "2.4.0",
        "status": "affected",
        "lessThan": "2.14.0",
        "versionType": "semver"
      }
    ]
  }
]

References

github.com/zowe/api-layer

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:T/RC:C/CR:H/IR:H/AR:M/MAV:N/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H

EPSS

Percentile

9.3%

JSON

Related for CVELIST:CVE-2024-6834