Lucene search

K
vulnrichmentMitreVULNRICHMENT:CVE-2024-41628
HistoryJul 26, 2024 - 12:00 a.m.

CVE-2024-41628

2024-07-2600:00:00
mitre
github.com
6
directory traversal
severalnines cluster control
remote attack

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

28.7%

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:severalnines:clustercontrol:*:*:*:*:*:*:*:*"
    ],
    "vendor": "severalnines",
    "product": "clustercontrol",
    "versions": [
      {
        "status": "affected",
        "version": "1.9.8",
        "lessThan": "1.9.8-9778",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "2.0.0",
        "lessThan": "2.0.0-9779",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "2.1.0",
        "lessThan": "2.1.0-9780",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

28.7%

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

Related for VULNRICHMENT:CVE-2024-41628