A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plugin function.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://zuso.ai/advisory/za-2024-11 |
History
Wed, 27 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Galaxy Software Services Corporation
Galaxy Software Services Corporation iota C.ai Conversational Platform |
|
CPEs | cpe:2.3:a:galaxy_software_services_corporation:iota_c.ai_conversational_platform:*:*:*:*:*:*:*:* | |
Vendors & Products |
Galaxy Software Services Corporation
Galaxy Software Services Corporation iota C.ai Conversational Platform |
|
Metrics |
ssvc
|
Wed, 27 Nov 2024 05:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plugin function. | |
Title | iota C.ai Conversational Platform - Improper Verification of Cryptographic Signature | |
Weaknesses | CWE-347 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: ZUSO ART
Published: 2024-11-27T05:22:47.950Z
Updated: 2024-11-27T14:46:28.815Z
Reserved: 2024-11-18T08:24:35.610Z
Link: CVE-2024-52958
Vulnrichment
Updated: 2024-11-27T14:46:08.758Z
NVD
Status : Received
Published: 2024-11-27T06:15:18.590
Modified: 2024-11-27T06:15:18.590
Link: CVE-2024-52958
Redhat
No data.