CVE-2024-4177 - OpenCVE

A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Bitdefender	Gravityzone

Configuration 1 [-]

cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:on-premise:*:*:*

References

Link	Resource
https://bitdefender.com/consumer/support/support/security-advisories/host-whitelist-parser-issue-in-gravityzone-console-on-premise-va-11554/	Broken Link
https://www.cve.org/CVERecord?id=CVE-2024-4177	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Bitdefender

Published: 2024-06-06T07:59:22.990Z

Updated: 2024-06-06T13:16:59.465Z

Reserved: 2024-04-25T12:17:29.422Z

Link: CVE-2024-4177

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-06-06T08:15:39.767

Modified: 2024-06-11T17:53:13.710

Link: CVE-2024-4177

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4177", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "state": "PUBLISHED", "assignerShortName": "Bitdefender", "dateReserved": "2024-04-25T12:17:29.422Z", "datePublished": "2024-06-06T07:59:22.990Z", "dateUpdated": "2024-06-06T13:16:59.465Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "GravityZone Console On-Premise", "vendor": "Bitdefender", "versions": [{"lessThan": "6.38.1-2", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Nicolas VERDIER -- n1nj4sec"}], "datePublic": "2024-06-06T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise.<br>"}], "value": "A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise."}], "impacts": [{"capecId": "CAPEC-71", "descriptions": [{"lang": "en", "value": "CAPEC-71 Using Unicode Encoding to Bypass Validation Logic"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2024-06-06T07:59:22.990Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://bitdefender.com/consumer/support/support/security-advisories/host-whitelist-parser-issue-in-gravityzone-console-on-premise-va-11554/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An automatic update to version GravityZone Console On-Premise 6.38.1-2 fixes the issue."}], "value": "An automatic update to version\u00a0GravityZone Console On-Premise 6.38.1-2 fixes the issue."}], "source": {"discovery": "EXTERNAL"}, "title": "Host whitelist parser issue in GravityZone Console On-Premise (VA-11554)", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "bitdefender", "product": "gravityzone", "cpes": ["cpe:2.3:a:bitdefender:gravityzone:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.38.1-2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-06T13:11:41.699535Z", "id": "CVE-2024-4177", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T13:16:59.465Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:on-premise:*:*:*", "matchCriteriaId": "297DEAC6-7C54-44E1-BEAC-86F47C7FB34E", "versionEndExcluding": "6.38.1-2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise."}, {"lang": "es", "value": "Un problema con el analizador de lista blanca de host en el servicio proxy implementado en GravityZone Update Server permite a un atacante provocar server-side request forgery. Este problema solo afecta a las versiones de GravityZone Console anteriores a 6.38.1-2 que se ejecutan \u00fanicamente en las instalaciones."}], "id": "CVE-2024-4177", "lastModified": "2024-06-11T17:53:13.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}, "published": "2024-06-06T08:15:39.767", "references": [{"source": "cve-requests@bitdefender.com", "tags": ["Broken Link"], "url": "https://bitdefender.com/consumer/support/support/security-advisories/host-whitelist-parser-issue-in-gravityzone-console-on-premise-va-11554/"}, {"source": "nvd@nist.gov", "tags": ["Third Party Advisory"], "url": "https://www.cve.org/CVERecord?id=CVE-2024-4177"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-116"}], "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}