CVE-2024-29180 - Vulnerability Details

Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack. Developers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Advanced Cluster Security Apicurio Registry Jboss Data Grid Migration Toolkit Applications Migration Toolkit Runtimes Network Observ Optr Openshift Openshift Data Foundation Openshift Gitops Rhmt

No data.

Package	CPE	Advisory	Released Date
Migration Toolkit for Runtimes 1 on RHEL 8
webpack-dev-middleware	cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8	RHSA-2024:3920	2024-06-13T00:00:00Z
MTA-6.2-RHEL-9
mta/mta-ui-rhel9:6.2.3-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:3989	2024-06-20T00:00:00Z
mta/mta-windup-addon-rhel9:6.2.3-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:3989	2024-06-20T00:00:00Z
MTA-7.0-RHEL-9
mta/mta-cli-rhel9:7.0.3-16	cpe:/a:redhat:migration_toolkit_applications:7.0::el9	RHSA-2024:3316	2024-05-23T00:00:00Z
mta/mta-ui-rhel9:7.0.3-13	cpe:/a:redhat:migration_toolkit_applications:7.0::el9	RHSA-2024:3316	2024-05-23T00:00:00Z
NETWORK-OBSERVABILITY-1.6.0-RHEL-9
network-observability/network-observability-cli-rhel9:v1.6.0-66	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
network-observability/network-observability-console-plugin-rhel9:v1.6.0-66	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
network-observability/network-observability-ebpf-agent-rhel9:v1.6.0-66	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
network-observability/network-observability-flowlogs-pipeline-rhel9:v1.6.0-66	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
network-observability/network-observability-operator-bundle:1.6.0-78	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
network-observability/network-observability-rhel9-operator:v1.6.0-66	cpe:/a:redhat:network_observ_optr:1.6.0::el9	RHSA-2024:3868	2024-06-17T00:00:00Z
Red Hat Advanced Cluster Security 4.4
advanced-cluster-security/rhacs-central-db-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-collector-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.4.2-6	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.4.2-6	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-rhel8-operator:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-roxctl-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.2-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.2-6	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:2941	2024-05-21T00:00:00Z
Red Hat build of Apicurio Registry 2.6.1 GA
webpack-dev-middleware	cpe:/a:redhat:apicurio_registry:2.6	RHSA-2024:4873	2024-07-25T00:00:00Z
Red Hat Data Grid
webpack-dev-middleware	cpe:/a:redhat:jboss_data_grid:8	RHSA-2024:4460	2024-07-10T00:00:00Z
Red Hat Migration Toolkit for Containers 1.7
rhmtc/openshift-migration-ui-rhel8:v1.7.16-6	cpe:/a:redhat:rhmt:1.7::el8	RHSA-2024:4520	2024-07-11T00:00:00Z
Red Hat Migration Toolkit for Containers 1.8
rhmtc/openshift-migration-controller-rhel8:v1.8.4-22	cpe:/a:redhat:rhmt:1.8::el8	RHSA-2024:7164	2024-09-26T00:00:00Z
Red Hat OpenShift Container Platform 4.16
openshift4/ose-monitoring-plugin-rhel9:v4.16.0-202406140306.p0.gf1fc431.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:0041	2024-06-27T00:00:00Z
Red Hat OpenShift GitOps 1.10
openshift-gitops-1/argocd-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/argo-rollouts-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/console-plugin-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/dex-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-operator-bundle:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8-operator:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/kam-delivery-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
openshift-gitops-1/must-gather-rhel8:v1.10.5-6	cpe:/a:redhat:openshift_gitops:1.10::el8	RHSA-2024:2817	2024-05-10T00:00:00Z
Red Hat OpenShift GitOps 1.11
openshift-gitops-1/argocd-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/argo-rollouts-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/console-plugin-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/dex-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-operator-bundle:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8-operator:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/kam-delivery-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
openshift-gitops-1/must-gather-rhel8:v1.11.4-7	cpe:/a:redhat:openshift_gitops:1.11::el8	RHSA-2024:2815	2024-05-10T00:00:00Z
Red Hat OpenShift GitOps 1.12
openshift-gitops-1/argocd-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/argo-rollouts-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/console-plugin-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/dex-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-operator-bundle:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/gitops-rhel8-operator:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/kam-delivery-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
openshift-gitops-1/must-gather-rhel8:v1.12.2-1	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:2816	2024-05-10T00:00:00Z
RHODF-4.16-RHEL-9
odf4/odf-console-rhel9:v4.16.2-2	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:6755	2024-09-18T00:00:00Z

References

Link	Providers
https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82
https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21
https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132
https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353
https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e
https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4
https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2
https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0
https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6
https://nvd.nist.gov/vuln/detail/CVE-2024-29180
https://www.cve.org/CVERecord?id=CVE-2024-29180

History

Thu, 26 Sep 2024 10:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhmt:1.8::el8

Wed, 18 Sep 2024 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Data Foundation
CPEs		cpe:/a:redhat:openshift_data_foundation:4.16::el9
Vendors & Products		Redhat openshift Data Foundation

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-21T16:47:53.848Z

Updated: 2024-08-02T14:58:57.526Z

Reserved: 2024-03-18T17:07:00.092Z

Link: CVE-2024-29180

Vulnrichment

Updated: 2024-08-02T01:10:54.074Z

NVD

Status : Awaiting Analysis

Published: 2024-03-21T17:15:09.690

Modified: 2024-11-21T09:07:44.450

Link: CVE-2024-29180

Redhat

Severity : Important

Publid Date: 2024-03-21T00:00:00Z

Links: CVE-2024-29180 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-29180", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-18T17:07:00.092Z", "datePublished": "2024-03-21T16:47:53.848Z", "dateUpdated": "2024-08-02T14:58:57.526Z"}, "containers": {"cna": {"title": "webpack-dev-middleware Path Traversal vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e"}, {"name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82"}, {"name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0"}], "affected": [{"vendor": "webpack", "product": "webpack-dev-middleware", "versions": [{"version": ">= 7.0.0, < 7.1.0", "status": "affected"}, {"version": ">= 6.0.0, < 6.1.2", "status": "affected"}, {"version": "< 5.3.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-21T16:47:53.848Z"}, "descriptions": [{"lang": "en", "value": "Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack.\n\nDevelopers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing."}], "source": {"advisory": "GHSA-wr3j-pwj9-hqq6", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.074Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353"}, {"name": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e"}, {"name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82"}, {"name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2"}, {"name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0"}]}, {"affected": [{"vendor": "webpack.js", "product": "webpack-dev-middleware", "cpes": ["cpe:2.3:a:webpack.js:webpack-dev-middleware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "5.3.4", "versionType": "custom"}, {"version": "6.0.0", "status": "affected", "lessThan": "6.1.2", "versionType": "custom"}, {"version": "7.0.0", "status": "affected", "lessThan": "7.1.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-02T14:55:43.782623Z", "id": "CVE-2024-29180", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T14:58:57.526Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "name": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "name": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "name": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "name": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.074Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-29180", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-02T14:55:43.782623Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:webpack.js:webpack-dev-middleware:*:*:*:*:*:*:*:*"], "vendor": "webpack.js", "product": "webpack-dev-middleware", "versions": [{"status": "affected", "version": "0", "lessThan": "5.3.4", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.1.2", "versionType": "custom"}, {"status": "affected", "version": "7.0.0", "lessThan": "7.1.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T14:58:51.117Z"}}], "cna": {"title": "webpack-dev-middleware Path Traversal vulnerability", "source": {"advisory": "GHSA-wr3j-pwj9-hqq6", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "webpack", "product": "webpack-dev-middleware", "versions": [{"status": "affected", "version": ">= 7.0.0, < 7.1.0"}, {"status": "affected", "version": ">= 6.0.0, < 6.1.2"}, {"status": "affected", "version": "< 5.3.4"}]}], "references": [{"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "name": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "name": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "name": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "name": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "name": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "name": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack.\n\nDevelopers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-21T16:47:53.848Z"}}}, "cveMetadata": {"cveId": "CVE-2024-29180", "state": "PUBLISHED", "dateUpdated": "2024-08-02T14:58:57.526Z", "dateReserved": "2024-03-18T17:07:00.092Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-03-21T16:47:53.848Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack.\n\nDevelopers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing."}, {"lang": "es", "value": "Antes de las versiones 7.1.0, 6.1.2 y 5.3.4, el middleware de desarrollo webpack-dev-middleware para devpack no valida suficientemente la direcci\u00f3n URL proporcionada antes de devolver el archivo local. Es posible acceder a cualquier archivo en la m\u00e1quina del desarrollador. El middleware puede funcionar con el sistema de archivos f\u00edsico al leer los archivos o puede usar un sistema de archivos virtualizado en memoria \"memfs\". Si la opci\u00f3n de configuraci\u00f3n `writeToDisk` est\u00e1 establecida en `true`, se utiliza el sistema de archivos f\u00edsico. El m\u00e9todo `getFilenameFromUrl` se utiliza para analizar la URL y crear la ruta del archivo local. El prefijo de ruta p\u00fablica se elimina de la URL y el sufijo de ruta \"sin separar\" se agrega a \"outputPath\". Como la URL no se elimina y se normaliza autom\u00e1ticamente antes de llamar al midlleware, es posible utilizar las secuencias `%2e` y `%2f` para realizar un ataque de path traversal. Los desarrolladores que utilizan `webpack-dev-server` o `webpack-dev-middleware` se ven afectados por el problema. Cuando se inicia el proyecto, un atacante podr\u00eda acceder a cualquier archivo en la m\u00e1quina del desarrollador y extraer el contenido. Si el servidor de desarrollo est\u00e1 escuchando en una direcci\u00f3n IP p\u00fablica (o `0.0.0.0`), un atacante en la red local puede acceder a los archivos locales sin ninguna interacci\u00f3n por parte de la v\u00edctima (conexi\u00f3n directa al puerto). Si el servidor permite el acceso desde dominios de terceros, un atacante puede enviar un enlace malicioso a la v\u00edctima. Cuando se visita, el script del lado del cliente puede conectarse al servidor local y extraer los archivos locales. A partir de las versiones corregidas 7.1.0, 6.1.2 y 5.3.4, la URL no tiene escape y se normaliza antes de cualquier procesamiento posterior."}], "id": "CVE-2024-29180", "lastModified": "2024-11-21T09:07:44.450", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-21T17:15:09.690", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0"}, {"source": "security-advisories@github.com", "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3920", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "webpack-dev-middleware", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2024-06-13T00:00:00Z"}, {"advisory": "RHSA-2024:3989", "cpe": "cpe:/a:redhat:migration_toolkit_applications:6.2::el9", "package": "mta/mta-ui-rhel9:6.2.3-2", "product_name": "MTA-6.2-RHEL-9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:3989", "cpe": "cpe:/a:redhat:migration_toolkit_applications:6.2::el9", "package": "mta/mta-windup-addon-rhel9:6.2.3-2", "product_name": "MTA-6.2-RHEL-9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:3316", "cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9", "package": "mta/mta-cli-rhel9:7.0.3-16", "product_name": "MTA-7.0-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3316", "cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9", "package": "mta/mta-ui-rhel9:7.0.3-13", "product_name": "MTA-7.0-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-cli-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-console-plugin-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-ebpf-agent-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-flowlogs-pipeline-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-operator-bundle:1.6.0-78", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-rhel9-operator:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-central-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-main-rhel8:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-operator-bundle:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-rhel8-operator:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-roxctl-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:4873", "cpe": "cpe:/a:redhat:apicurio_registry:2.6", "package": "webpack-dev-middleware", "product_name": "Red Hat build of Apicurio Registry 2.6.1 GA", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4460", "cpe": "cpe:/a:redhat:jboss_data_grid:8", "package": "webpack-dev-middleware", "product_name": "Red Hat Data Grid", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:4520", "cpe": "cpe:/a:redhat:rhmt:1.7::el8", "package": "rhmtc/openshift-migration-ui-rhel8:v1.7.16-6", "product_name": "Red Hat Migration Toolkit for Containers 1.7", "release_date": "2024-07-11T00:00:00Z"}, {"advisory": "RHSA-2024:7164", "cpe": "cpe:/a:redhat:rhmt:1.8::el8", "package": "rhmtc/openshift-migration-controller-rhel8:v1.8.4-22", "product_name": "Red Hat Migration Toolkit for Containers 1.8", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:0041", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-monitoring-plugin-rhel9:v4.16.0-202406140306.p0.gf1fc431.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/dex-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2817", "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.10.5-6", "product_name": "Red Hat OpenShift GitOps 1.10", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/dex-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2815", "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.11.4-7", "product_name": "Red Hat OpenShift GitOps 1.11", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/dex-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:2816", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.12.2-1", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-05-10T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-console-rhel9:v4.16.2-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}], "bugzilla": {"description": "webpack-dev-middleware: lack of URL validation may lead to file leak", "id": "2270863", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-22", "details": ["Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack.\nDevelopers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing.", "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-29180", "package_state": [{"cpe": "cpe:/a:redhat:cryostat:2", "fix_state": "Not affected", "package_name": "webpack-dev-middleware", "product_name": "Cryostat 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/logging-view-plugin-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Affected", "package_name": "webpack-dev-middleware", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/console-mce-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/multicluster-engine-console-mce-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:workload_availability_node_healthcheck", "fix_state": "Will not fix", "package_name": "workload-availability/node-remediation-console-rhel8", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "webpack-dev-middleware", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Not affected", "package_name": "openshift-service-mesh/kiali-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-amp-system-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Out of support scope", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Will not fix", "package_name": "aap-cloud-ui-container", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "automation-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Will not fix", "package_name": "automation-eda-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:rhboac_hawtio:4", "fix_state": "Not affected", "package_name": "webpack-dev-middleware", "product_name": "Red Hat build of Apache Camel - HawtIO 4"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Will not fix", "package_name": "webpack-dev-middleware", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Will not fix", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1", "fix_state": "Not affected", "package_name": "discovery-server-container", "product_name": "Red Hat Discovery"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "polkit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "webpack-dev-middleware", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Will not fix", "package_name": "webpack-dev-middleware", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/nmstate-console-plugin-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Affected", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Not affected", "package_name": "container-native-virtualization/kubevirt-console-plugin", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Not affected", "package_name": "container-native-virtualization/kubevirt-console-plugin-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Will not fix", "package_name": "webpack-dev-middleware", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2024-03-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-29180\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-29180\nhttps://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"], "statement": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.", "threat_severity": "Important"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object