{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1969", "assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90", "state": "PUBLISHED", "assignerShortName": "Secomea", "dateReserved": "2024-02-28T14:49:31.001Z", "datePublished": "2024-04-29T13:29:01.094Z", "dateUpdated": "2024-08-01T18:56:22.773Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["webserver"], "product": "GateManager", "vendor": "Secomea", "versions": [{"lessThan": "11.2.624095033", "status": "affected", "version": "9.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.<p>This issue affects GateManager: from 9.7 before 11.2.624095033.</p>"}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033.\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f2815942-3388-4c08-ba09-6c15850fda90", "shortName": "Secomea", "dateUpdated": "2024-04-29T13:29:01.094Z"}, "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/"}], "source": {"defect": ["RD-6718"], "discovery": "INTERNAL"}, "title": "Heap buffer overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T15:12:46.757035Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:secomea:gatemanager:-:*:*:*:*:*:*:*"], "vendor": "secomea", "product": "gatemanager", "versions": [{"status": "affected", "version": "9.7"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:00:05.549Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.773Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.773Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T15:12:46.757035Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:secomea:gatemanager:-:*:*:*:*:*:*:*"], "vendor": "secomea", "product": "gatemanager", "versions": [{"status": "affected", "version": "9.7"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-29T15:15:06.442Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Heap buffer overflow", "source": {"defect": ["RD-6718"], "discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Secomea", "modules": ["webserver"], "product": "GateManager", "versions": [{"status": "affected", "version": "9.7", "lessThan": "11.2.624095033", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033.\n\n", "supportingMedia": [{"type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.<p>This issue affects GateManager: from 9.7 before 11.2.624095033.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "f2815942-3388-4c08-ba09-6c15850fda90", "shortName": "Secomea", "dateUpdated": "2024-04-29T13:29:01.094Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1969", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:56:22.773Z", "dateReserved": "2024-02-28T14:49:31.001Z", "assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90", "datePublished": "2024-04-29T13:29:01.094Z", "assignerShortName": "Secomea"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033.\n\n"}, {"lang": "es", "value": "La vulnerabilidad de copia de b\u00fafer sin verificar el tama\u00f1o de la entrada ('desbordamiento de b\u00fafer cl\u00e1sico') en Secomea GateManager (m\u00f3dulos de servidor web) permite el bloqueo de GateManager. Este problema afecta a GateManager: desde 9.7 antes de 11.2.624095033."}], "id": "CVE-2024-1969", "lastModified": "2024-11-21T08:51:42.163", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "VulnerabilityReporting@secomea.com", "type": "Secondary"}]}, "published": "2024-04-29T14:15:08.430", "references": [{"source": "VulnerabilityReporting@secomea.com", "url": "https://www.secomea.com/support/cybersecurity-advisory/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.secomea.com/support/cybersecurity-advisory/"}], "sourceIdentifier": "VulnerabilityReporting@secomea.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "VulnerabilityReporting@secomea.com", "type": "Secondary"}]}

{}

{}