{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42469", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-08-02T14:13:04.614Z", "datePublished": "2024-08-09T18:12:11.502Z", "dateUpdated": "2024-08-09T18:32:18.245Z"}, "containers": {"cna": {"title": "CometVisu Backend for openHAB affected by RCE through path traversal", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf"}, {"name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2", "tags": ["x_refsource_MISC"], "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"}], "affected": [{"vendor": "openhab", "product": "openhab-webui", "versions": [{"version": "< 4.2.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-08-09T18:12:11.502Z"}, "descriptions": [{"lang": "en", "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. Users should upgrade to version 4.2.1 to receive a patch."}], "source": {"advisory": "GHSA-f729-58x4-gqgf", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "openhab", "product": "openhab", "cpes": ["cpe:2.3:a:openhab:openhab:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.2.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-09T18:31:24.354652Z", "id": "CVE-2024-42469", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-09T18:32:18.245Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42469", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-09T18:31:24.354652Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:openhab:openhab:*:*:*:*:*:*:*:*"], "vendor": "openhab", "product": "openhab", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-09T18:32:12.005Z"}}], "cna": {"title": "CometVisu Backend for openHAB affected by RCE through path traversal", "source": {"advisory": "GHSA-f729-58x4-gqgf", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "openhab", "product": "openhab-webui", "versions": [{"status": "affected", "version": "< 4.2.1"}]}], "references": [{"url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf", "name": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2", "name": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. Users should upgrade to version 4.2.1 to receive a patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-08-09T18:12:11.502Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42469", "state": "PUBLISHED", "dateUpdated": "2024-08-09T18:32:18.245Z", "dateReserved": "2024-08-02T14:13:04.614Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-08-09T18:12:11.502Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openhab:openhab:*:*:*:*:*:*:*:*", "matchCriteriaId": "8140B9BF-E3FB-4946-80AE-90E607364AB2", "versionEndExcluding": "4.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. Users should upgrade to version 4.2.1 to receive a patch."}, {"lang": "es", "value": "openHAB, un proveedor de software de automatizaci\u00f3n del hogar de c\u00f3digo abierto, tiene complementos que incluyen el complemento de visualizaci\u00f3n CometVisu. Antes de la versi\u00f3n 4.2.1, los endpoints del sistema de archivos de CometVisu no requieren autenticaci\u00f3n y, adem\u00e1s, el endpoint para actualizar un archivo existente es susceptible a path traversal. Esto hace posible que un atacante sobrescriba archivos existentes en la instancia de openHAB. Si el archivo sobrescrito es un script de shell que se ejecuta m\u00e1s adelante, esta vulnerabilidad puede permitir que un atacante ejecute c\u00f3digo remoto. Los usuarios deben actualizar a la versi\u00f3n 4.2.1 para recibir un parche."}], "id": "CVE-2024-42469", "lastModified": "2024-09-12T16:02:35.023", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-08-12T13:38:35.187", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-f729-58x4-gqgf"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "[email protected]", "type": "Secondary"}]}

{}