{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0949", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2024-01-26T13:00:20.711Z", "datePublished": "2024-06-27T09:36:59.897Z", "dateUpdated": "2024-08-01T18:26:28.980Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Elektraweb", "vendor": "Talya Informatics", "versions": [{"lessThan": "v17.0.68", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Yusuf Kamil \u00c7AVU\u015eO\u011eLU"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.<p>This issue affects Elektraweb: before v17.0.68.</p>"}], "value": "Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}, {"capecId": "CAPEC-76", "descriptions": [{"lang": "en", "value": "CAPEC-76 Manipulating Web Input to File System Calls"}]}, {"capecId": "CAPEC-19", "descriptions": [{"lang": "en", "value": "CAPEC-19 Embedding Scripts within Scripts"}]}, {"capecId": "CAPEC-441", "descriptions": [{"lang": "en", "value": "CAPEC-441 Malicious Logic Insertion"}]}, {"capecId": "CAPEC-478", "descriptions": [{"lang": "en", "value": "CAPEC-478 Modification of Windows Service Configuration"}]}, {"capecId": "CAPEC-479", "descriptions": [{"lang": "en", "value": "CAPEC-479 Malicious Root Certificate"}]}, {"capecId": "CAPEC-502", "descriptions": [{"lang": "en", "value": "CAPEC-502 Intent Spoof"}]}, {"capecId": "CAPEC-503", "descriptions": [{"lang": "en", "value": "CAPEC-503 WebView Exposure"}]}, {"capecId": "CAPEC-536", "descriptions": [{"lang": "en", "value": "CAPEC-536 Data Injected During Configuration"}]}, {"capecId": "CAPEC-546", "descriptions": [{"lang": "en", "value": "CAPEC-546 Incomplete Data Deletion in a Multi-Tenant Environment"}]}, {"capecId": "CAPEC-550", "descriptions": [{"lang": "en", "value": "CAPEC-550 Install New Service"}]}, {"capecId": "CAPEC-551", "descriptions": [{"lang": "en", "value": "CAPEC-551 Modify Existing Service"}]}, {"capecId": "CAPEC-552", "descriptions": [{"lang": "en", "value": "CAPEC-552 Install Rootkit"}]}, {"capecId": "CAPEC-556", "descriptions": [{"lang": "en", "value": "CAPEC-556 Replace File Extension Handlers"}]}, {"capecId": "CAPEC-558", "descriptions": [{"lang": "en", "value": "CAPEC-558 Replace Trusted Executable"}]}, {"capecId": "CAPEC-562", "descriptions": [{"lang": "en", "value": "CAPEC-562 Modify Shared File"}]}, {"capecId": "CAPEC-563", "descriptions": [{"lang": "en", "value": "CAPEC-563 Add Malicious File to Shared Webroot"}]}, {"capecId": "CAPEC-564", "descriptions": [{"lang": "en", "value": "CAPEC-564 Run Software at Logon"}]}, {"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-1390", "description": "CWE-1390 Weak Authentication", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-923", "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2024-06-27T09:40:31.861Z"}, "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"}], "source": {"advisory": "TR-24-0808", "defect": ["TR-24-0808"], "discovery": "UNKNOWN"}, "title": "Improper Access Control in Talya Informatics' Elektraweb", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "talya_informatics", "product": "elektraweb", "cpes": ["cpe:2.3:a:talya_informatics:elektraweb:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "v17.0.68", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-24T13:32:07.238546Z", "id": "CVE-2024-0949", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T13:37:21.437Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:26:28.980Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0808", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0808", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:26:28.980Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0949", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-24T13:32:07.238546Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:talya_informatics:elektraweb:*:*:*:*:*:*:*:*"], "vendor": "talya_informatics", "product": "elektraweb", "versions": [{"status": "affected", "version": "0", "lessThan": "v17.0.68", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T13:35:16.680Z"}}], "cna": {"title": "Improper Access Control in Talya Informatics' Elektraweb", "source": {"defect": ["TR-24-0808"], "advisory": "TR-24-0808", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Yusuf Kamil \u00c7AVU\u015eO\u011eLU"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}, {"capecId": "CAPEC-76", "descriptions": [{"lang": "en", "value": "CAPEC-76 Manipulating Web Input to File System Calls"}]}, {"capecId": "CAPEC-19", "descriptions": [{"lang": "en", "value": "CAPEC-19 Embedding Scripts within Scripts"}]}, {"capecId": "CAPEC-441", "descriptions": [{"lang": "en", "value": "CAPEC-441 Malicious Logic Insertion"}]}, {"capecId": "CAPEC-478", "descriptions": [{"lang": "en", "value": "CAPEC-478 Modification of Windows Service Configuration"}]}, {"capecId": "CAPEC-479", "descriptions": [{"lang": "en", "value": "CAPEC-479 Malicious Root Certificate"}]}, {"capecId": "CAPEC-502", "descriptions": [{"lang": "en", "value": "CAPEC-502 Intent Spoof"}]}, {"capecId": "CAPEC-503", "descriptions": [{"lang": "en", "value": "CAPEC-503 WebView Exposure"}]}, {"capecId": "CAPEC-536", "descriptions": [{"lang": "en", "value": "CAPEC-536 Data Injected During Configuration"}]}, {"capecId": "CAPEC-546", "descriptions": [{"lang": "en", "value": "CAPEC-546 Incomplete Data Deletion in a Multi-Tenant Environment"}]}, {"capecId": "CAPEC-550", "descriptions": [{"lang": "en", "value": "CAPEC-550 Install New Service"}]}, {"capecId": "CAPEC-551", "descriptions": [{"lang": "en", "value": "CAPEC-551 Modify Existing Service"}]}, {"capecId": "CAPEC-552", "descriptions": [{"lang": "en", "value": "CAPEC-552 Install Rootkit"}]}, {"capecId": "CAPEC-556", "descriptions": [{"lang": "en", "value": "CAPEC-556 Replace File Extension Handlers"}]}, {"capecId": "CAPEC-558", "descriptions": [{"lang": "en", "value": "CAPEC-558 Replace Trusted Executable"}]}, {"capecId": "CAPEC-562", "descriptions": [{"lang": "en", "value": "CAPEC-562 Modify Shared File"}]}, {"capecId": "CAPEC-563", "descriptions": [{"lang": "en", "value": "CAPEC-563 Add Malicious File to Shared Webroot"}]}, {"capecId": "CAPEC-564", "descriptions": [{"lang": "en", "value": "CAPEC-564 Run Software at Logon"}]}, {"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Talya Informatics", "product": "Elektraweb", "versions": [{"status": "affected", "version": "0", "lessThan": "v17.0.68", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0808"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68.", "supportingMedia": [{"type": "text/html", "value": "Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.<p>This issue affects Elektraweb: before v17.0.68.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1390", "description": "CWE-1390 Weak Authentication"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-923", "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2024-06-27T09:40:31.861Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0949", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:26:28.980Z", "dateReserved": "2024-01-26T13:00:20.711Z", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "datePublished": "2024-06-27T09:36:59.897Z", "assignerShortName": "TR-CERT"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68."}, {"lang": "es", "value": "Vulnerabilidades de control de acceso inadecuado, autorizaci\u00f3n faltante, autorizaci\u00f3n incorrecta, asignaci\u00f3n de permisos incorrecta para recursos cr\u00edticos, autenticaci\u00f3n faltante, autenticaci\u00f3n d\u00e9bil, restricci\u00f3n inadecuada del canal de comunicaci\u00f3n a los endpoint previstos en Talya Informatics Elektraweb permiten explotar niveles de seguridad de control de acceso configurados incorrectamente, manipular la entrada web a las Llamadas al sistema de archivos, incrustaci\u00f3n de scripts dentro de scripts, inserci\u00f3n de l\u00f3gica maliciosa, modificaci\u00f3n de la configuraci\u00f3n del servicio de Windows, certificado ra\u00edz malicioso, intento de falsificaci\u00f3n , exposici\u00f3n de WebView, datos inyectados durante la configuraci\u00f3n, eliminaci\u00f3n incompleta de datos en un entorno multi tenant, instalaci\u00f3n de un nuevo servicio, modificaci\u00f3n de un servicio existente , Instalar Rootkit, Reemplazar controladores de extensi\u00f3n de archivos, Reemplazar ejecutable confiable, Modificar archivo compartido, Agregar archivo malicioso a Webroot compartido, Ejecutar software al iniciar sesi\u00f3n, Deshabilitar software de seguridad. Este problema afecta a Elektraweb: anterior a v17.0.68."}], "id": "CVE-2024-0949", "lastModified": "2024-11-21T08:47:51.233", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-06-27T10:15:13.013", "references": [{"source": "[email protected]", "url": "https://www.usom.gov.tr/bildirim/tr-24-0808"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.usom.gov.tr/bildirim/tr-24-0808"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-732"}, {"lang": "en", "value": "CWE-862"}, {"lang": "en", "value": "CWE-863"}, {"lang": "en", "value": "CWE-923"}, {"lang": "en", "value": "CWE-1390"}], "source": "[email protected]", "type": "Secondary"}]}

{}