CVE-2024-1882

{"id": "CVE-2024-1882", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-03-14T04:15:08.003", "references": [{"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024", "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4"}, {"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "description": [{"lang": "en", "value": "CWE-76"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server."}, {"lang": "es", "value": "Esta vulnerabilidad permite que un usuario administrador ya autenticado cree un payload malicioso que podr\u00eda aprovecharse para la ejecuci\u00f3n remota de c\u00f3digo en el servidor que aloja el servidor de aplicaciones PaperCut NG/MF."}], "lastModified": "2024-11-21T08:51:31.073", "sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4"}