Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:32 a.m.13 views

CVE-2024-42166

The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...

9.1CVSS9.3AI score0.00486EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/12 11:36 a.m.20 views

CVE-2024-42166 Command Injection in Applicationname

The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...

9.1CVSS7.5AI score0.00486EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/08/12 11:36 a.m.30 views

CVE-2024-42166 Command Injection in Applicationname

The function "generateappcertificates" in lib/appcertificates.js of FIWARE Keyrock = 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...

9.1CVSS0.00486EPSS
Exploits1References1
CVE
CVE
added 2024/08/12 11:36 a.m.51 views

CVE-2024-42166

The CVE-2024-42166 entry concerns FIWARE Keyrock 8.4 and earlier, where generate_app_certificates in lib/app_certificates.js fails to neutralize OS command elements. This enables an authenticated user with permissions to create applications to execute arbitrary commands by supplying a malicious a...

9.1CVSS9.3AI score0.00486EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder