{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27114", "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "state": "PUBLISHED", "assignerShortName": "DIVD", "dateReserved": "2024-02-19T19:21:08.620Z", "datePublished": "2024-09-11T13:41:16.662Z", "dateUpdated": "2024-09-12T13:13:36.948Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "shortName": "DIVD", "dateUpdated": "2024-09-11T13:41:16.662Z"}, "title": "Remote Code Execution through File Upload in SOPlanning before 1.52.02", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-549", "descriptions": [{"lang": "en", "value": "CAPEC-549 Local Execution of Code"}]}], "affected": [{"vendor": "Simple Online Planning", "product": "SO Planning", "collectionURL": "https://sourceforge.net/projects/soplanning/", "versions": [{"status": "affected", "version": "before 1.52.01"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02. "}]}], "references": [{"url": "https://csirt.divd.nl/CVE-2024-27114", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "Safety": "NEGLIGIBLE", "Automatable": "YES", "Recovery": "IRRECOVERABLE", "valueDensity": "CONCENTRATED", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "RED", "baseSeverity": "HIGH", "baseScore": 8.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:I/V:C/RE:M/U:Red"}}], "configurations": [{"lang": "en", "value": "The public view setting must be enabled.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The public view setting must be enabled."}]}], "workarounds": [{"lang": "en", "value": "Disable the public view setting.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Disable the public view setting."}]}], "credits": [{"lang": "en", "value": "Wietse Boonstra", "type": "finder"}, {"lang": "en", "value": "Hidde Smit", "type": "finder"}, {"lang": "en", "value": "Max van der Horst", "type": "analyst"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "so_planning", "product": "simple_online_planning", "cpes": ["cpe:2.3:a:so_planning:simple_online_planning:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.52.01", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-12T13:10:59.996300Z", "id": "CVE-2024-27114", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T13:13:36.948Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-27114", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-12T13:10:59.996300Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:so_planning:simple_online_planning:*:*:*:*:*:*:*:*"], "vendor": "so_planning", "product": "simple_online_planning", "versions": [{"status": "affected", "version": "0", "lessThan": "1.52.01", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T13:13:30.692Z"}}], "cna": {"title": "Remote Code Execution through File Upload in SOPlanning before 1.52.02", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Wietse Boonstra"}, {"lang": "en", "type": "finder", "value": "Hidde Smit"}, {"lang": "en", "type": "analyst", "value": "Max van der Horst"}], "impacts": [{"capecId": "CAPEC-549", "descriptions": [{"lang": "en", "value": "CAPEC-549 Local Execution of Code"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "IRRECOVERABLE", "baseScore": 8.9, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:I/V:C/RE:M/U:Red", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Simple Online Planning", "product": "SO Planning", "versions": [{"status": "affected", "version": "before 1.52.01"}], "collectionURL": "https://sourceforge.net/projects/soplanning/", "defaultStatus": "unaffected"}], "references": [{"url": "https://csirt.divd.nl/CVE-2024-27114", "tags": ["third-party-advisory"]}], "workarounds": [{"lang": "en", "value": "Disable the public view setting.", "supportingMedia": [{"type": "text/html", "value": "Disable the public view setting.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02.", "supportingMedia": [{"type": "text/html", "value": "A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02. ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "configurations": [{"lang": "en", "value": "The public view setting must be enabled.", "supportingMedia": [{"type": "text/html", "value": "The public view setting must be enabled.", "base64": false}]}], "providerMetadata": {"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "shortName": "DIVD", "dateUpdated": "2024-09-11T13:41:16.662Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27114", "state": "PUBLISHED", "dateUpdated": "2024-09-12T13:13:36.948Z", "dateReserved": "2024-02-19T19:21:08.620Z", "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", "datePublished": "2024-09-11T13:41:16.662Z", "assignerShortName": "DIVD"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*", "matchCriteriaId": "37301719-C761-4C67-9214-CA5AC8747913", "versionEndExcluding": "1.52.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) no autenticada en la herramienta de planificaci\u00f3n en l\u00ednea SO Planning. Si la configuraci\u00f3n de vista p\u00fablica est\u00e1 habilitada, un atacante puede cargar un archivo PHP que estar\u00e1 disponible para su ejecuci\u00f3n durante unos milisegundos antes de que se elimine, lo que provocar\u00e1 la ejecuci\u00f3n de c\u00f3digo en el sistema subyacente. La vulnerabilidad se ha solucionado en la versi\u00f3n 1.52.02."}], "id": "CVE-2024-27114", "lastModified": "2024-09-19T14:27:11.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "YES", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.9, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "RED", "recovery": "IRRECOVERABLE", "safety": "NEGLIGIBLE", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:I/V:C/RE:M/U:Red", "version": "4.0", "vulnerabilityResponseEffort": "MODERATE", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "csirt@divd.nl", "type": "Secondary"}]}, "published": "2024-09-11T14:15:13.040", "references": [{"source": "csirt@divd.nl", "tags": ["Broken Link"], "url": "https://csirt.divd.nl/CVE-2024-27114"}], "sourceIdentifier": "csirt@divd.nl", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "csirt@divd.nl", "type": "Secondary"}]}

{}