CVE-2024-1681

Improper Output Neutralization for Logs (CWE-117)

Published: Apr 19, 2024 / Updated: 7mo ago

No CVSS yet / EPSS 0.04%

corydolphin/flask-cors is vulnerable to log injection when the log level is set to debug. An attacker can inject fake log entries into the log file by sending a specially crafted GET request containing a CRLF sequence in the request path. This vulnerability allows attackers to corrupt log files, potentially covering tracks of other attacks, confusing log post-processing tools, and forging log entries. The issue is due to improper output neutralization for logs.
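The weakness class above (CWE-117) is easiest to reason about with a small, self-contained check. The Python snippet below is an added example written for this page; it is not flask-cors code or a reproduction of the flask-cors fix. It uses only the standard-library `logging` module, logs a constructed request path at DEBUG level (the condition the advisory names), and compares the number of physical log records a line-oriented parser would see with and without output neutralization. The sample paths, the `neutralize_for_log` helper and the logger setup are all constructed here.

```python
import logging
import re
from io import StringIO

# Constructed sample request paths (not taken from the advisory).
# The second one carries a CRLF followed by text shaped like a log record,
# which is the forged-entry pattern CWE-117 describes.
SAMPLE_PATHS = [
    "/api/items?id=42",
    "/api/items?id=42\r\n2024-04-19 20:15:00 INFO user=admin login ok",
]

# Every ASCII control character is either a record separator (CR, LF) or a
# terminal-control risk, so all of them are escaped, not just CR and LF.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def neutralize_for_log(value: str) -> str:
    """Return value with each control character replaced by a visible escape
    (\\r, \\n, \\t or \\xNN) so that one request yields exactly one log line."""
    def esc(m):
        ch = m.group(0)
        return {"\r": "\\r", "\n": "\\n", "\t": "\\t"}.get(ch, "\\x%02x" % ord(ch))
    return _CONTROL.sub(esc, value)


def _make_logger(name: str):
    """DEBUG-level logger writing to an in-memory buffer, mirroring the
    'log level set to debug' condition in the advisory."""
    buf = StringIO()
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s request path=%(message)s"))
    logger.addHandler(handler)
    return logger, buf


def log_request_path(path: str, neutralize: bool) -> str:
    """Log one request path at DEBUG and return the raw text that reached the
    buffer. With neutralize=False the CRLF passes through verbatim."""
    logger, buf = _make_logger("fixed" if neutralize else "vuln")
    logger.debug(neutralize_for_log(path) if neutralize else path)
    return buf.getvalue()


def record_count(log_text: str) -> int:
    """Number of physical records a line-oriented log parser would see."""
    return len([line for line in log_text.splitlines() if line])


if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        raw = log_request_path(p, neutralize=False)
        safe = log_request_path(p, neutralize=True)
        print("unneutralized records:", record_count(raw))
        print("neutralized records:  ", record_count(safe))
```

Run stand-alone, the second sample path produces two records without neutralization and one with it; the escaped `\r\n` stays visible in the single record, so a reviewer can still see that the client sent control characters. The same escaping belongs on any other attacker-controlled field (headers, user agent, query values) before it reaches a log formatter, since a parser downstream cannot tell a forged line from a real one.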

Timeline

CVE Assignment

NVD published the first details for CVE-2024-1681

Apr 19, 2024 at 8:15 PM
First Article

Feedly found the first article mentioning CVE-2024-1681.

Apr 19, 2024 at 8:21 PM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Apr 19, 2024 at 8:21 PM
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Apr 19, 2024 at 9:14 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.3%)

Apr 20, 2024 at 9:38 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (998579)

May 2, 2024 at 7:53 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.3%)

May 6, 2024 at 9:47 PM

Affected Systems

Ibm/maximo_application_suite

Links to Mitre Att&cks

T1070: Indicator Removal on Host

Attack Patterns

CAPEC-268: Audit Log Manipulation

News

Multiple vulnerabilities in IBM Maximo Application Suite - Visual Inspection Component
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability allows a remote attacker to gain access to sensitive information.
Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, Flask_Cors-3.0.10-py2.py3-none-any.whl, bcprov-jdk18on-1.72.jar which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171
Summary: Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, Flask_Cors-3.0.10-py2.py3-none-any.whl and bcprov-jdk18on-1.72.jar, which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171. Vulnerability Details: CVEID: CVE-2024-28863. DESCRIPTION: isaacs node-tar is vulnerable to a denial of service, caused by the lack of folders count validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. CWE: CWE-400: Uncontrolled Resource Consumption. CVSS Source: IBM X-Force. CVSS Base score: 6.5. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). CVEID: CVE-2024-1681. DESCRIPTION: Flask-CORS could allow a remote attacker to bypass security restrictions, caused by a log injection flaw when the log level is set to debug. By sending a specially crafted GET request containing a CRLF sequence in the request path, an attacker could exploit this vulnerability to confuse log post-processing tools and forge log entries.
Improper output neutralization for logs in IBM Maximo Application Suite
The vulnerability allows a remote attacker to modify data on the system. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Security Bulletin: IBM Maximo Application Suite uses Flask_Cors-4.0.0-py2.py3-none-any.whl which is vulnerable to CVE-2024-1681
Summary: IBM Maximo Application Suite uses Flask_Cors-4.0.0-py2.py3-none-any.whl, which is vulnerable to CVE-2024-1681. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-1681. DESCRIPTION: Flask-CORS could allow a remote attacker to bypass security restrictions, caused by a log injection flaw when the log level is set to debug. By sending a specially crafted GET request containing a CRLF sequence in the request path, an attacker could exploit this vulnerability to confuse log post-processing tools and forge log entries. CVSS Base score: 5.3. CVSS Temporal Score: see https://exchange.xforce.ibmcloud.com/vulnerabilities/289211 for the current score.
openEuler 24.03 LTS update for python-Flask-Cors
This security bulletin contains one medium risk vulnerability. The vulnerability allows a remote attacker to modify data on the system.

CVSS V3.1

Unknown
