Lucene search
INCIBECVE-2024-3781HistoryApr 15, 2024 - 2:15 p.m.
CVE-2024-3781
2024-04-1514:15:08
CWE-78
INCIBE
web.nvd.nist.gov
37
cve-2024-3781
command injection
operating system
active directory integration
downstream component
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.6%
Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.
Affected configurations
Node
wbsairbackwhite_bear_solutionsRange≤21.02.04
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wbsairback | white_bear_solutions | * | cpe:2.3:a:wbsairback:white_bear_solutions:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "White Bear Solutions",
"vendor": "WBSAirback",
"versions": [
{
"status": "affected",
"version": "21.02.04"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-3781 OS Command Injection vulnerability in WBSAirback
2024-04-15 14:03:05
nvd
nvd
CVE-2024-3781
2024-04-15 14:15:08
cvelist
cvelist
CVE-2024-3781 OS Command Injection vulnerability in WBSAirback
2024-04-15 14:03:05
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.6%
Related for CVE-2024-3781