CVE-2024-41954 - Vulnerability Details - OpenCVE

Description

FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41.

Published: 2024-07-31

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

FOGProject

fogproject

affected

Version	Status	Constraints
`< 1.5.10.41`	affected	—

Configuration 1 [-]

cpe:2.3:a:fogproject:fogproject:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-39290	FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00097.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90
https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c

History

No history.

Subscriptions

Fogproject Fogproject

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-31T19:23:41.492Z

Updated: 2024-07-31T20:30:19.312Z

Reserved: 2024-07-24T16:51:40.949Z

Link: CVE-2024-41954

Vulnrichment

Updated: 2024-07-31T20:30:14.166Z

NVD

Status : Analyzed

Published: 2024-07-31T20:15:06.587

Modified: 2024-09-05T16:18:09.940

Link: CVE-2024-41954

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-732

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41954", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-24T16:51:40.949Z", "datePublished": "2024-07-31T19:23:41.492Z", "dateUpdated": "2024-07-31T20:30:19.312Z"}, "containers": {"cna": {"title": "FOG Weak file permissions", "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "lang": "en", "description": "CWE-732: Incorrect Permission Assignment for Critical Resource", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c"}, {"name": "https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90", "tags": ["x_refsource_MISC"], "url": "https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90"}], "affected": [{"vendor": "FOGProject", "product": "fogproject", "versions": [{"version": "< 1.5.10.41", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-31T19:23:41.492Z"}, "descriptions": [{"lang": "en", "value": "FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the \"/opt/fog/.fogsettings\" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41."}], "source": {"advisory": "GHSA-pcqm-h8cx-282c", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "fogproject", "product": "fogproject", "cpes": ["cpe:2.3:a:fogproject:fogproject:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.5.10.41", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T20:29:06.125619Z", "id": "CVE-2024-41954", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T20:30:19.312Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41954", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-31T20:29:06.125619Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fogproject:fogproject:*:*:*:*:*:*:*:*"], "vendor": "fogproject", "product": "fogproject", "versions": [{"status": "affected", "version": "0", "lessThan": "1.5.10.41", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T20:30:14.166Z"}}], "cna": {"title": "FOG Weak file permissions", "source": {"advisory": "GHSA-pcqm-h8cx-282c", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "FOGProject", "product": "fogproject", "versions": [{"status": "affected", "version": "< 1.5.10.41"}]}], "references": [{"url": "https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c", "name": "https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90", "name": "https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the \"/opt/fog/.fogsettings\" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732: Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-31T19:23:41.492Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41954", "state": "PUBLISHED", "dateUpdated": "2024-07-31T20:30:19.312Z", "dateReserved": "2024-07-24T16:51:40.949Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-31T19:23:41.492Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fogproject:fogproject:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDC1FAD4-EE15-41FF-BDF0-685E7885E4F6", "versionEndIncluding": "1.5.10.41", "versionStartIncluding": "1.5.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the \"/opt/fog/.fogsettings\" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41."}, {"lang": "es", "value": "FOG es un sistema de gesti\u00f3n de inventario, clonaci\u00f3n, im\u00e1genes, suite de rescate. La aplicaci\u00f3n almacena las credenciales de la cuenta de servicio en texto plano en el archivo \"/opt/fog/.fogsettings\". Este archivo es legible de forma predeterminada por todos los usuarios del host. Al explotar estas credenciales, un usuario malintencionado podr\u00eda crear nuevas cuentas para la aplicaci\u00f3n web y mucho m\u00e1s. La vulnerabilidad se solucion\u00f3 en 1.5.10.41."}], "id": "CVE-2024-41954", "lastModified": "2024-09-05T16:18:09.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-31T20:15:06.587", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/FOGProject/fogproject/commit/97ed6d51608e52fc087ca1d2f03d6b8df612fc90"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/FOGProject/fogproject/security/advisories/GHSA-pcqm-h8cx-282c"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "security-advisories@github.com", "type": "Secondary"}]}