CVE-2024-33620

{"id": "CVE-2024-33620", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2024-06-18T06:15:11.053", "references": [{"url": "https://jvn.jp/en/jp/JVN65171386/", "source": "vultures@jpcert.or.jp"}, {"url": "https://www.fujitsu.com/jp/group/fsas/about/resources/security/2024/0617.html", "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN65171386/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.fujitsu.com/jp/group/fsas/about/resources/security/2024/0617.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-36"}]}], "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker."}, {"lang": "es", "value": "Existe una vulnerabilidad de path traversal absoluta en ID Link Manager y FUJITSU Software TIME CREATOR. Si se explota esta vulnerabilidad, un atacante remoto no autenticado puede recuperar el contenido del archivo, incluida la informaci\u00f3n confidencial del servidor."}], "lastModified": "2024-11-21T09:17:15.550", "sourceIdentifier": "vultures@jpcert.or.jp"}