CVE-2024-48359

Improper Control of Generation of Code ('Code Injection') (CWE-94)

Published: Oct 31, 2024 / Updated: 19d ago

CVSS 9.8 / EPSS 0.04% / Critical

Summary

A remote code execution (RCE) vulnerability was discovered in Qualitor v8.24. The vulnerability is exploitable via the gridValoresPopHidden parameter. This vulnerability is associated with CWE-94, which is Improper Control of Generation of Code ('Code Injection').

Impact

The impact of this vulnerability is severe. It allows for remote code execution, which means an attacker could potentially execute arbitrary code on the affected system. This could lead to a complete compromise of the system's confidentiality, integrity, and availability. The CVSS v3.1 base score is 9.8 out of 10, which is considered Critical. The impact metrics show HIGH for confidentiality, integrity, and availability, indicating that there is a total loss of protection for all system resources. The attack vector is NETWORK, meaning it can be exploited remotely, and it requires NO user interaction and NO privileges, making it easily exploitable.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.

Patch

The available information does not mention a patch. The security team should closely monitor for any updates or patches released by Qualitor for version 8.24 and any subsequent versions.

Mitigation

While waiting for an official patch, the security team should consider the following mitigation strategies:

1. Restrict network access to the Qualitor application, especially the component that uses the gridValoresPopHidden parameter.
2. Implement strong input validation and sanitization for all user-supplied data, particularly for the gridValoresPopHidden parameter.
3. Use Web Application Firewalls (WAF) to filter out potentially malicious requests.
4. Monitor systems running Qualitor v8.24 for any suspicious activities or unauthorized code execution.
5. If possible, consider temporarily disabling or limiting functionality related to the vulnerable parameter until a patch is available.
6. Keep the Qualitor application and its underlying systems up-to-date with the latest security patches for other components.
7. Implement the principle of least privilege for accounts that interact with the Qualitor application.

Given the critical nature of this vulnerability, it should be prioritized for immediate attention and remediation as soon as a patch becomes available.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-48359.

Oct 30, 2024 at 7:38 PM / PoC-in-GitHub RSS

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 31, 2024 at 7:47 PM

CVE Assignment

NVD published the first details for CVE-2024-48359

Oct 31, 2024 at 8:15 PM

EPSS

EPSS Score was set to: 0.04% (Percentile: 9.9%)

Nov 1, 2024 at 11:03 AM

CVSS

A CVSS base score of 9.8 has been assigned.

Nov 1, 2024 at 9:40 PM / nvd

Attack Patterns

CAPEC-242: Code Injection

News

Update Tue Nov 5 14:31:28 UTC 2024
CVE-2024-48359
Critical Severity Description Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. Read more at https://www.tenable.com/cve/CVE-2024-48359
NA - CVE-2024-48359 - Qualitor v8.24 was discovered to contain a...
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.
CVE-2024-48359 | Qualitor 8.24 gridValoresPopHidden Privilege Escalation
A vulnerability was found in Qualitor 8.24. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument gridValoresPopHidden leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-48359. The attack may be initiated remotely. There is no exploit available.
CVE-2024-48359 - Qualitor GridValoresPopHidden Remote Code Execution Vulnerability
CVE ID: CVE-2024-48359. Published: Oct. 31, 2024, 8:15 p.m. (7 hours, 46 minutes ago). Description: Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. Severity: 0.0 NA. Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
