CVE-2024-24782 - OpenCVE

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://cert.vde.com/en/advisories/VDE-2024-013

History

No history.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-02-13T13:46:58.469Z

Updated: 2024-08-01T23:28:12.694Z

Reserved: 2024-01-30T14:47:38.518Z

Link: CVE-2024-24782

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2024-02-13T14:15:47.053

Modified: 2024-02-13T15:16:05.223

Link: CVE-2024-24782

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24782", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2024-01-30T14:47:38.518Z", "datePublished": "2024-02-13T13:46:58.469Z", "dateUpdated": "2024-08-01T23:28:12.694Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "F30 03X YY (COM)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "24.14", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F30 03X YY (CPU)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "18.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F35 03X YY (COM)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "24.14", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F35 03X YY (CPU)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "18.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F60 CPU 03X YY (COM)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "24.14", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F60 CPU 03X YY (CPU)", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "18.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F-COM 01", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.12", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F-COM 01 coated", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.12", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F-CPU 01", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "F-CPU 01 coated", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "X-COM 01 E YY", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "15.14", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "X-COM 01 YY", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.12", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "X-CPU 01", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.6", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "X-CPU 31", "vendor": "HIMA", "versions": [{"lessThanOrEqual": "14.6", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2024-02-13T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN."}], "value": "An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-346", "description": "CWE-346 Origin Validation Error", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2024-02-13T13:47:58.187Z"}, "references": [{"url": "https://cert.vde.com/en/advisories/VDE-2024-013"}], "source": {"advisory": "VDE-2024-013", "defect": ["CERT@VDE#64651"], "discovery": "UNKNOWN"}, "title": "HIMA: Origin Validation Error in multiple products", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.694Z"}, "title": "CVE Program Container", "references": [{"url": "https://cert.vde.com/en/advisories/VDE-2024-013", "tags": ["x_transferred"]}]}]}}