CVE-2024-2055

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user.

CVSS

No CVSS.

References

Link	Resource
http://seclists.org/fulldisclosure/2024/Mar/13
https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt

Configurations

No configuration.

History

06 Mar 2024, 15:18

Type	Values Removed	Values Added
Summary		(es) La función "Rich Filemanager" de Artica Proxy proporciona una interfaz basada en web para capacidades de administración de archivos. Cuando la función está habilitada, no requiere autenticación de forma predeterminada y se ejecuta como usuario raíz.

05 Mar 2024, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-05 20:16

Updated : 2024-03-06 15:18

NVD link : CVE-2024-2055

Mitre link : CVE-2024-2055

CVE.ORG link : CVE-2024-2055

JSON object : View

Products Affected

No product.

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-552

Files or Directories Accessible to External Parties

JSON object

Attach tags to CVE-2024-2055

Attach tags to `CVE-2024-2055`