Lucene search
Veracode Vulnerability DatabaseVERACODE:47187HistoryMay 27, 2024 - 6:14 a.m.
Remote Code Execution (RCE)
2024-05-2706:14:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
ait-core
vulnerability
remote code execution
loading
untrusted
pickle files
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
ait-core is vulnerable to Remote Code Execution (RCE). The vulnerability is caused due to loading untrusted pickle files, allowing attackers to execute arbitrary code.
Related
cvelist
cvelist
CVE-2024-35059
1976-01-01 00:00:00
CVE-2024-35061
1976-01-01 00:00:00
vulnrichment
vulnrichment
CVE-2024-35059
1976-01-01 00:00:00
CVE-2024-35061
1976-01-01 00:00:00
cve
cve
CVE-2024-35059
2024-05-21 19:15:10
CVE-2024-35061
2024-05-21 19:15:10
nvd
nvd
CVE-2024-35059
2024-05-21 19:15:10
CVE-2024-35061
2024-05-21 19:15:10
osv
osv
NASA AIT-Core vulnerable to remote code execution
2024-05-21 21:30:27
github
github
NASA AIT-Core vulnerable to remote code execution
2024-05-21 21:30:27
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
Related for VERACODE:47187