CVE-2024-0252

{"id": "CVE-2024-0252", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "0fc0942c-577d-436f-ae8e-945763c79b02", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-01-11T08:15:35.933", "references": [{"url": "https://www.manageengine.com/products/self-service-password/advisory/CVE-2024-0252.html", "tags": ["Vendor Advisory"], "source": "0fc0942c-577d-436f-ae8e-945763c79b02"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "0fc0942c-577d-436f-ae8e-945763c79b02", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "ManageEngine ADSelfService Plus versions\u00a06401\u00a0and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability."}, {"lang": "es", "value": "Las versiones 6401 e inferiores de ManageEngine ADSelfService Plus son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo debido al manejo inadecuado en el componente del balanceador de carga."}], "lastModified": "2024-06-07T09:15:09.347", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B9A77AF-9D42-42A2-84F3-4307E46D917F", "versionEndExcluding": "6.4"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.4:6400:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FCE8818-79BB-41F7-9D2E-43FEE698B325"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.4:6401:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC18D7BD-91CC-4019-B429-BBA4353E8984"}], "operator": "OR"}]}], "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02"}