Lucene search
GoogleOSV:GO-2024-3141HistorySep 20, 2024 - 6:51 p.m.
OPA for Windows has an SMB force-authentication vulnerability in github.com/open-policy-agent/opa
2024-09-2018:51:34
Google
osv.dev
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
OPA for Windows has an SMB force-authentication vulnerability. Due to improper input validation, it allows a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.
Related
wolfi
wolfi
CVE-2024-8260 vulnerabilities
2024-09-21 21:11:51
nvd
nvd
CVE-2024-8260
2024-08-30 13:15:12
osv
osv
CGA-9969-43hg-mxvg
2024-09-21 13:21:53
CGA-8xfg-4hw5-vjcj
2024-09-21 09:06:55
CGA-vx3j-4cj2-74qr
2024-09-21 10:56:11
vulnrichment
vulnrichment
CVE-2024-8260 OPA SMB Force-Authentication
2024-08-30 12:22:45
cve
cve
CVE-2024-8260
2024-08-30 13:15:12
github
github
OPA for Windows has an SMB force-authentication vulnerability
2024-08-30 15:31:30
redhatcve
redhatcve
CVE-2024-8260
2024-09-02 06:10:31
cvelist
cvelist
CVE-2024-8260 OPA SMB Force-Authentication
2024-08-30 12:22:45
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
Related for OSV:GO-2024-3141