Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 05 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Virtualmin
Virtualmin virtualmin
Webmin
Webmin webmin
Weaknesses CWE-835
CPEs cpe:2.3:a:virtualmin:virtualmin:*:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*
Vendors & Products Virtualmin
Virtualmin virtualmin
Webmin
Webmin webmin
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Sep 2024 23:15:00 +0000

Type Values Removed Values Added
Description Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-05T13:43:51.165Z

Reserved: 2024-09-04T00:00:00

Link: CVE-2024-45692

cve-icon Vulnrichment

Updated: 2024-09-05T13:39:51.458Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-04T23:15:12.887

Modified: 2024-09-05T21:35:14.337

Link: CVE-2024-45692

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.