Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1.
History

Mon, 23 Dec 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 13 Dec 2024 06:00:00 +0000

Type Values Removed Values Added
Description Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1.
Title Insecure Deserialization via Runbooks Imports
Weaknesses CWE-502
References
Metrics cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/U:Red'}


cve-icon MITRE

Status: PUBLISHED

Assigner: PlexTrac

Published: 2024-12-13T05:51:24.351Z

Updated: 2024-12-23T21:26:24.736Z

Reserved: 2024-11-26T19:25:21.962Z

Link: CVE-2024-11839

cve-icon Vulnrichment

Updated: 2024-12-23T21:26:20.932Z

cve-icon NVD

Status : Received

Published: 2024-12-13T06:15:26.273

Modified: 2024-12-13T06:15:26.273

Link: CVE-2024-11839

cve-icon Redhat

No data.