4 matches found
CVE-2024-42166
The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...
CVE-2024-42166 Command Injection in Applicationname
The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...
CVE-2024-42166 Command Injection in Applicationname
The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...
CVE-2024-42166
The CVE-2024-42166 entry concerns FIWARE Keyrock 8.4 and earlier, where generate_app_certificates in lib/app_certificates.js fails to neutralize OS command elements. This enables an authenticated user with permissions to create applications to execute arbitrary commands by supplying a malicious a...