CVE-2024-6744 - Vulnerability Details - OpenCVE

Description

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.

Published: 2024-07-15

Score: 9.8 Critical

EPSS: 2.5% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cellopoint

Secure Email Gateway

unaffected

Version	Status	Constraints
`all`	affected	≤ 4.5.0

Configuration 1 [-]

cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Install the patch Build_20240529 or later

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-47781	The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.02459.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html
https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html

History

No history.

Subscriptions

Cellopoint Secure Email Gateway

MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-07-15T06:32:21.616Z

Updated: 2024-08-01T21:41:04.572Z

Reserved: 2024-07-15T05:39:38.800Z

Link: CVE-2024-6744

Vulnrichment

Updated: 2024-08-01T21:41:04.572Z

NVD

Status : Modified

Published: 2024-07-15T07:15:25.573

Modified: 2024-11-21T09:50:13.873

Link: CVE-2024-6744

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6744", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2024-07-15T05:39:38.800Z", "datePublished": "2024-07-15T06:32:21.616Z", "dateUpdated": "2024-08-01T21:41:04.572Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Secure Email Gateway", "vendor": "Cellopoint", "versions": [{"lessThanOrEqual": "4.5.0", "status": "affected", "version": "all", "versionType": "custom"}]}], "datePublic": "2024-07-15T06:24:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server."}], "value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-07-15T06:34:38.461Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html"}, {"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Install the patch Build_20240529 or later</span>\n\n<br>"}], "value": "Install the patch Build_20240529 or later"}], "source": {"advisory": "TVN-202407010", "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "cellopoint", "product": "secure_email_gateway", "cpes": ["cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.5.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-15T12:27:09.902764Z", "id": "CVE-2024-6744", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T12:32:57.510Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:04.572Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html", "tags": ["third-party-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:04.572Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6744", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-15T12:27:09.902764Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*"], "vendor": "cellopoint", "product": "secure_email_gateway", "versions": [{"status": "affected", "version": "0", "lessThan": "4.5.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T12:32:52.949Z"}}], "cna": {"source": {"advisory": "TVN-202407010", "discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Cellopoint", "product": "Secure Email Gateway", "versions": [{"status": "affected", "version": "all", "versionType": "custom", "lessThanOrEqual": "4.5.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Install the patch Build_20240529 or later", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Install the patch Build_20240529 or later</span>\n\n<br>", "base64": false}]}], "datePublic": "2024-07-15T06:24:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.", "supportingMedia": [{"type": "text/html", "value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-07-15T06:34:38.461Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6744", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:41:04.572Z", "dateReserved": "2024-07-15T05:39:38.800Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2024-07-15T06:32:21.616Z", "assignerShortName": "twcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E822200-5CA2-4BCF-B9E8-5E0DD3B93D30", "versionEndExcluding": "4.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server."}, {"lang": "es", "value": "El detector SMTP de Secure Email Gateway de Cellopoint no valida correctamente la entrada del usuario, lo que genera una vulnerabilidad de desbordamiento del b\u00fafer. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios del sistema en el servidor remoto."}], "id": "CVE-2024-6744", "lastModified": "2024-11-21T09:50:13.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2024-07-15T07:15:25.573", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "twcert@cert.org.tw", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}