{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-24950", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "assignerShortName": "facebook", "dateUpdated": "2024-08-03T04:29:01.530Z", "dateReserved": "2022-02-11T00:00:00.000Z", "datePublished": "2022-08-16T00:00:00.000Z"}, "containers": {"cna": {"dateAssigned": "2022-02-10T00:00:00.000Z", "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "facebook", "dateUpdated": "2023-02-16T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId()."}], "affected": [{"vendor": "Jason Gauci", "product": "Eternal Terminal", "versions": [{"version": "unspecified", "lessThan": "6.2.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3"}, {"url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3"}, {"name": "[oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs)", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2023/02/16/1"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "Race Condition (CWE-362)", "cweId": "CWE-362"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:29:01.530Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3", "tags": ["x_transferred"]}, {"url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3", "tags": ["x_transferred"]}, {"name": "[oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs)", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2023/02/16/1"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eternal_terminal_project:eternal_terminal:*:*:*:*:*:*:*:*", "matchCriteriaId": "F81EA524-B9EE-48C8-B8BF-8E53D2AAD574", "versionEndExcluding": "6.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId()."}, {"lang": "es", "value": "Se presenta una condici\u00f3n de carrera en Eternal Terminal versiones anteriores a 6.2.0, que permite a un atacante autenticado secuestrar el socket de autorizaci\u00f3n SSH de otros usuarios, permitiendo al atacante iniciar sesi\u00f3n en otros sistemas como los usuarios objetivo. El error est\u00e1 en la funci\u00f3n UserTerminalRouter::getInfoForId()."}], "id": "CVE-2022-24950", "lastModified": "2024-11-21T06:51:26.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-16T01:15:12.437", "references": [{"source": "cve-assign@fb.com", "url": "http://www.openwall.com/lists/oss-security/2023/02/16/1"}, {"source": "cve-assign@fb.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3"}, {"source": "cve-assign@fb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2023/02/16/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac8480f643c43d3c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "cve-assign@fb.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}