CVE-2024-9802 (GCVE-0-2024-9802)

Vulnerability from cvelistv5 – Published: 2024-10-10 07:41 – Updated: 2024-10-10 14:22
VLAI?
Title
Conformance validation endpoint discloses detail about service to unauthenticated users
Summary
The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The attacker could also check if a service is running.
Severity ?
5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
Open Mainframe Project Zowe Affected: 2.11.0 , < 2.17.0 (semver)
Create a notification for this product.
Credits
Pablo Hernan Carle Pavel Jareš
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linuxfoundation:zowe_api_mediation_layer:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "zowe_api_mediation_layer",
            "vendor": "linuxfoundation",
            "versions": [
              {
                "lessThan": "2.17.0",
                "status": "affected",
                "version": "2.11.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9802",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-10T13:45:19.081095Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-312",
                "description": "CWE-312 Cleartext Storage of Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T14:22:43.244Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Zowe",
          "vendor": "Open Mainframe Project",
          "versions": [
            {
              "lessThan": "2.17.0",
              "status": "affected",
              "version": "2.11.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Pablo Hernan Carle"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Pavel Jare\u0161"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The attacker could also check if a service is running."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "There are no known exploits of this issue however exploits targeting this issue are publicly available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-10T07:41:03.374Z",
        "orgId": "b1336bef-059d-4e13-b11b-9a6ef21b3c78",
        "shortName": "Zowe"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/zowe/api-layer"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "There is a fix since version 2.17.0, authentication is required for the endpoints."
        }
      ],
      "title": "Conformance validation endpoint discloses detail about service to unauthenticated users",
      "workarounds": [
        {
          "lang": "en",
          "value": "No workaround is available."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b1336bef-059d-4e13-b11b-9a6ef21b3c78",
    "assignerShortName": "Zowe",
    "cveId": "CVE-2024-9802",
    "datePublished": "2024-10-10T07:41:03.374Z",
    "dateReserved": "2024-10-10T07:41:03.236Z",
    "dateUpdated": "2024-10-10T14:22:43.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-9802\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-10T13:45:19.081095Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:linuxfoundation:zowe_api_mediation_layer:*:*:*:*:*:*:*:*\"], \"vendor\": \"linuxfoundation\", \"product\": \"zowe_api_mediation_layer\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.11.0\", \"lessThan\": \"2.17.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-312\", \"description\": \"CWE-312 Cleartext Storage of Sensitive Information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-10T13:50:58.056Z\"}}], \"cna\": {\"title\": \"Conformance validation endpoint discloses detail about service to unauthenticated users\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Pablo Hernan Carle\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Pavel Jare\\u0161\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Open Mainframe Project\", \"product\": \"Zowe\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.11.0\", \"lessThan\": \"2.17.0\", \"versionType\": \"semver\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"There are no known exploits of this issue however exploits targeting this issue are publicly available.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"There is a fix since version 2.17.0, authentication is required for the endpoints.\"}], \"references\": [{\"url\": \"https://github.com/zowe/api-layer\", \"tags\": [\"product\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workaround is available.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The attacker could also check if a service is running.\"}], \"providerMetadata\": {\"orgId\": \"b1336bef-059d-4e13-b11b-9a6ef21b3c78\", \"shortName\": \"Zowe\", \"dateUpdated\": \"2024-10-10T07:41:03.374Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-9802\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-10T14:22:43.244Z\", \"dateReserved\": \"2024-10-10T07:41:03.236Z\", \"assignerOrgId\": \"b1336bef-059d-4e13-b11b-9a6ef21b3c78\", \"datePublished\": \"2024-10-10T07:41:03.374Z\", \"assignerShortName\": \"Zowe\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.