Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2.
Published: 2024-08-12
Score: 10 Critical
EPSS: 1.6% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-47904 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2.
History

Tue, 13 Aug 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Veribase veribase Order Management
CPEs cpe:2.3:a:veribase:veribase_order_management:*:*:*:*:*:*:*:*
Vendors & Products Veribase veribase Order Management
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 13 Aug 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Veribase
Veribase order Management
CPEs cpe:2.3:a:veribase:order_management:*:*:*:*:*:*:*:*
Vendors & Products Veribase
Veribase order Management
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Mon, 12 Aug 2024 15:00:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2.
Title RCE in Veribilim Software's Veribase Order Management
Weaknesses CWE-78
References
Metrics cvssV4_0

{'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}

Subscriptions

Veribase Order Management Veribase Order Management
cve-icon MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published:

Updated: 2024-08-13T17:52:16.135Z

Reserved: 2024-07-19T11:28:05.849Z

Link: CVE-2024-6917

cve-icon Vulnrichment

Updated: 2024-08-13T17:52:06.407Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-12T15:15:21.967

Modified: 2024-08-13T17:14:51.100

Link: CVE-2024-6917

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses