CVE-2024-1683 - Vulnerability Details - OpenCVE

A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Key SSVC decision points have not yet been added.

Vendors	Products
Tenable Subscribe	Identity Exposure Subscribe

Configuration 1 [-]

cpe:2.3:a:tenable:identity_exposure:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-17417	A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.

Fixes

Solution

Tenable has released Tenable Identity Exposure Secure Relay Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/identity-exposure https://www.tenable.com/downloads/identity-exposure

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.tenable.com/security/tns-2024-03

History

Tue, 17 Dec 2024 17:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tenable Tenable identity Exposure
CPEs		cpe:2.3:a:tenable:identity_exposure::::::::
Vendors & Products		Tenable Tenable identity Exposure

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2024-02-23T00:02:52.403Z

Updated: 2024-08-01T18:48:21.833Z

Reserved: 2024-02-20T19:24:25.274Z

Link: CVE-2024-1683

Vulnrichment

Updated: 2024-08-01T18:48:21.833Z

NVD

Status : Analyzed

Published: 2024-02-23T01:15:52.700

Modified: 2024-12-17T17:10:15.347

Link: CVE-2024-1683

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-78

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1683", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2024-02-20T19:24:25.274Z", "datePublished": "2024-02-23T00:02:52.403Z", "dateUpdated": "2024-08-01T18:48:21.833Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["Windows"], "product": "Tenable Identity Exposure Secure Relay", "vendor": "Tenable", "versions": [{"lessThan": "3.59.4", "status": "affected", "version": "3.42.17", "versionType": "3.59.4"}]}], "datePublic": "2024-02-21T19:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nA DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.\n\n"}], "value": "\nA DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.\n\n"}], "impacts": [{"capecId": "CAPEC-641", "descriptions": [{"lang": "en", "value": "CAPEC-641 DLL Side-Loading"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2024-02-23T00:02:52.403Z"}, "references": [{"url": "https://www.tenable.com/security/tns-2024-03"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nTenable has released Tenable Identity Exposure Secure Relay Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/identity-exposure\">https://www.tenable.com/downloads/identity-exposure</a>\n\n<br>"}], "value": "\nTenable has released Tenable Identity Exposure Secure Relay Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/identity-exposure https://www.tenable.com/downloads/identity-exposure \n\n\n"}], "source": {"advisory": "TNS-2024-03", "discovery": "EXTERNAL"}, "title": "DLL Injection in Tenable Identity Exposure Secure Relay", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1683", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-23T22:32:47.553771Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:59:58.912Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.833Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.tenable.com/security/tns-2024-03", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.tenable.com/security/tns-2024-03", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.833Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1683", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-23T22:32:47.553771Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:13.169Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "DLL Injection in Tenable Identity Exposure Secure Relay", "source": {"advisory": "TNS-2024-03", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-641", "descriptions": [{"lang": "en", "value": "CAPEC-641 DLL Side-Loading"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Tenable", "product": "Tenable Identity Exposure Secure Relay", "versions": [{"status": "affected", "version": "3.42.17", "lessThan": "3.59.4", "versionType": "3.59.4"}], "platforms": ["Windows"], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "\nTenable has released Tenable Identity Exposure Secure Relay Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/identity-exposure https://www.tenable.com/downloads/identity-exposure \n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\nTenable has released Tenable Identity Exposure Secure Relay Version 3.59.4 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/identity-exposure\">https://www.tenable.com/downloads/identity-exposure</a>\n\n<br>", "base64": false}]}], "datePublic": "2024-02-21T19:00:00.000Z", "references": [{"url": "https://www.tenable.com/security/tns-2024-03"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\nA DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2024-02-23T00:02:52.403Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1683", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:48:21.833Z", "dateReserved": "2024-02-20T19:24:25.274Z", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "datePublished": "2024-02-23T00:02:52.403Z", "assignerShortName": "tenable"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:identity_exposure:*:*:*:*:*:*:*:*", "matchCriteriaId": "41048D01-1264-4CB2-972C-276B47FAA192", "versionEndExcluding": "3.59.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de DLL en la que un atacante local autenticado y con pocos privilegios podr\u00eda modificar archivos de aplicaciones en el host TIE Secure Relay, lo que podr\u00eda permitir la anulaci\u00f3n de la configuraci\u00f3n y la ejecuci\u00f3n de nuevos servicios de Secure Relay."}], "id": "CVE-2024-1683", "lastModified": "2024-12-17T17:10:15.347", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.7, "source": "vulnreport@tenable.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-23T01:15:52.700", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2024-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2024-03"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "vulnreport@tenable.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}