Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.
References
Link | Resource |
---|---|
https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
15 Feb 2024, 17:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
First Time |
Apple macos
Linux linux Kernel Microsoft windows Apple Microsoft Linux |
15 Feb 2024, 17:30
Type | Values Removed | Values Added |
---|---|---|
First Time |
Snowsoftware snow Inventory Agent
Snowsoftware |
|
References | () https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK - Vendor Advisory | |
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:* cpe:2.3:a:snowsoftware:snow_inventory_agent:6.12.0:*:*:*:*:*:*:* |
08 Feb 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-08 13:15
Updated : 2024-02-15 17:52
NVD link : CVE-2024-1149
Mitre link : CVE-2024-1149
CVE.ORG link : CVE-2024-1149
JSON object : View
Products Affected
apple
- macos
microsoft
- windows
linux
- linux_kernel
snowsoftware
- snow_inventory_agent
CWE
CWE-347
Improper Verification of Cryptographic Signature