CVE-2024-2055

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user.
Configurations

No configuration.

History

21 Nov 2024, 09:08

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2024/Mar/13 - () http://seclists.org/fulldisclosure/2024/Mar/13 -
References () https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt - () https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt -

26 Aug 2024, 16:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

06 Mar 2024, 15:18

Type Values Removed Values Added
Summary
  • (es) La función "Rich Filemanager" de Artica Proxy proporciona una interfaz basada en web para capacidades de administración de archivos. Cuando la función está habilitada, no requiere autenticación de forma predeterminada y se ejecuta como usuario raíz.

05 Mar 2024, 20:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-05 20:16

Updated : 2024-11-21 09:08


NVD link : CVE-2024-2055

Mitre link : CVE-2024-2055

CVE.ORG link : CVE-2024-2055


JSON object : View

Products Affected

No product.

CWE
CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-552

Files or Directories Accessible to External Parties