CVE-2024-42166 - Vulnerability Details - OpenCVE

The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Fiware	Keyrock

Configuration 1 [-]

cpe:2.3:a:fiware:keyrock:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories

History

Mon, 12 Aug 2024 14:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fiware Fiware keyrock
CPEs		cpe:2.3:a:fiware:keyrock::::::::
Vendors & Products		Fiware Fiware keyrock
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 12 Aug 2024 11:45:00 +0000

Type	Values Removed	Values Added
Description		The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name.
Title		Command Injection in Applicationname
Weaknesses		CWE-78
References		https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories
Metrics		cvssV3_1 `{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: CyberDanube

Published: 2024-08-12T11:36:28.386Z

Updated: 2024-08-12T13:46:39.901Z

Reserved: 2024-07-29T20:49:58.925Z

Link: CVE-2024-42166

Vulnrichment

Updated: 2024-08-12T13:46:30.646Z

NVD

Status : Analyzed

Published: 2024-08-12T13:38:33.290

Modified: 2024-08-29T15:23:20.647

Link: CVE-2024-42166

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42166", "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc", "state": "PUBLISHED", "assignerShortName": "CyberDanube", "dateReserved": "2024-07-29T20:49:58.925Z", "datePublished": "2024-08-12T11:36:28.386Z", "dateUpdated": "2024-08-12T13:46:39.901Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FIWARE Keyrock", "vendor": "FIWARE", "versions": [{"lessThanOrEqual": "8.4", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Wolfgang Hotwagner (Austrian Institute of Technology)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The function \"generate_app_certificates\" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name."}], "value": "The function \"generate_app_certificates\" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not\u00a0neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc", "shortName": "CyberDanube", "dateUpdated": "2024-08-12T11:36:28.386Z"}, "references": [{"url": "https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories"}], "source": {"discovery": "EXTERNAL"}, "title": "Command Injection in Applicationname", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "fiware", "product": "keyrock", "cpes": ["cpe:2.3:a:fiware:keyrock:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "8.4", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-12T13:38:25.936495Z", "id": "CVE-2024-42166", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T13:46:39.901Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42166", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-12T13:38:25.936495Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fiware:keyrock:*:*:*:*:*:*:*:*"], "vendor": "fiware", "product": "keyrock", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "8.4"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T13:46:30.646Z"}}], "cna": {"title": "Command Injection in Applicationname", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Wolfgang Hotwagner (Austrian Institute of Technology)"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "FIWARE", "product": "FIWARE Keyrock", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "8.4"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The function \"generate_app_certificates\" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not\u00a0neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name.", "supportingMedia": [{"type": "text/html", "value": "The function \"generate_app_certificates\" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc", "shortName": "CyberDanube", "dateUpdated": "2024-08-12T11:36:28.386Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42166", "state": "PUBLISHED", "dateUpdated": "2024-08-12T13:46:39.901Z", "dateReserved": "2024-07-29T20:49:58.925Z", "assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc", "datePublished": "2024-08-12T11:36:28.386Z", "assignerShortName": "CyberDanube"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fiware:keyrock:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D17A7A9-D306-4797-87E7-DCF904D86D27", "versionEndIncluding": "8.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The function \"generate_app_certificates\" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not\u00a0neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name."}, {"lang": "es", "value": "La funci\u00f3n \"generate_app_certificates\" en lib/app_certificates.js de FIWARE Keyrock <= 8.4 no neutraliza correctamente los elementos especiales utilizados en un comando del sistema operativo. Esto permite a un usuario autenticado con permisos crear aplicaciones para ejecutar comandos creando una aplicaci\u00f3n con un nombre malicioso."}], "id": "CVE-2024-42166", "lastModified": "2024-08-29T15:23:20.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "office@cyberdanube.com", "type": "Secondary"}]}, "published": "2024-08-12T13:38:33.290", "references": [{"source": "office@cyberdanube.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories"}], "sourceIdentifier": "office@cyberdanube.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "office@cyberdanube.com", "type": "Secondary"}]}