{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Er zijn kwetsbaarheden verholpen in Oracle PeopleSoft.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28756" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42503" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0232" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21122" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21154" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21158" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21178" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21180" }, { "category": "external", "summary": "Source - nvd", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308" }, { "category": "external", "summary": "Reference - oracle", "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json" }, { "category": "external", "summary": "Reference - cveprojectv5; ibm; nvd; oracle", "url": "https://www.oracle.com/security-alerts/cpujul2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle PeopleSoft", "tracking": { "current_release_date": "2024-07-17T13:55:12.225033Z", "id": "NCSC-2024-0304", "initial_release_date": "2024-07-17T13:55:12.225033Z", "revision_history": [ { "date": "2024-07-17T13:55:12.225033Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "peoplesoft_enterprise_hcm_human_resources", "product": { "name": "peoplesoft_enterprise_hcm_human_resources", "product_id": "CSAFPID-1503562", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_hcm_shared_components", "product": { "name": "peoplesoft_enterprise_hcm_shared_components", "product_id": "CSAFPID-1503525", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-1502323", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:peoplesoft_enterprise_pt_peopletools:8.59:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-1502324", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:peoplesoft_enterprise_pt_peopletools:8.60:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-1502325", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:peoplesoft_enterprise_pt_peopletools:8.61:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle_corporation" }, { "branches": [ { "category": "product_name", "name": "enterprise_manager_for_peoplesoft", "product": { "name": "enterprise_manager_for_peoplesoft", "product_id": "CSAFPID-204465", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.5.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_cc_common_application_objects", "product": { "name": "peoplesoft_enterprise_cc_common_application_objects", "product_id": "CSAFPID-449779", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_crm_client_management", "product": { "name": "peoplesoft_enterprise_crm_client_management", "product_id": "CSAFPID-912607", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_crm_client_management:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_hcm_benefits_administration", "product": { "name": "peoplesoft_enterprise_hcm_benefits_administration", "product_id": "CSAFPID-912052", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_benefits_administration:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_hcm_global_payroll_switzerland", "product": { "name": "peoplesoft_enterprise_hcm_global_payroll_switzerland", "product_id": "CSAFPID-611596", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_switzerland:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_hcm_human_resources", "product": { "name": "peoplesoft_enterprise_hcm_human_resources", "product_id": "CSAFPID-172663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_hcm_shared_components", "product": { "name": "peoplesoft_enterprise_hcm_shared_components", "product_id": "CSAFPID-607590", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503667", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503672", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503676", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503669", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503673", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1503678", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1682", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-1681", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_peopletools", "product": { "name": "peoplesoft_enterprise_peopletools", "product_id": "CSAFPID-816362", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-220642", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.59:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-1504082", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.60:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "peoplesoft_enterprise_pt_peopletools", "product": { "name": "peoplesoft_enterprise_pt_peopletools", "product_id": "CSAFPID-1504081", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.61:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-28756", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] }, "references": [ { "category": "self", "summary": "CVE-2023-28756", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28756.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] } ], "title": "CVE-2023-28756" }, { "cve": "CVE-2023-42503", "product_status": { "known_affected": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-204465", "CSAFPID-449779", "CSAFPID-611596", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] }, "references": [ { "category": "self", "summary": "CVE-2023-42503", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42503.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-204465", "CSAFPID-449779", "CSAFPID-611596", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] } ], "title": "CVE-2023-42503" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "product_status": { "known_affected": [ "CSAFPID-1682", "CSAFPID-1681", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] }, "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1682", "CSAFPID-1681", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2024-0232", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-0232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json" } ], "title": "CVE-2024-0232" }, { "cve": "CVE-2024-21122", "product_status": { "known_affected": [ "CSAFPID-1503525", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21122", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21122.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1503525", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] } ], "title": "CVE-2024-21122" }, { "cve": "CVE-2024-21154", "product_status": { "known_affected": [ "CSAFPID-1503562", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21154", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21154.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1503562", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] } ], "title": "CVE-2024-21154" }, { "cve": "CVE-2024-21158", "product_status": { "known_affected": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21158", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21158.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] } ], "title": "CVE-2024-21158" }, { "cve": "CVE-2024-21178", "product_status": { "known_affected": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21178", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21178.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] } ], "title": "CVE-2024-21178" }, { "cve": "CVE-2024-21180", "product_status": { "known_affected": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21180", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21180.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", "baseScore": 4.1, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1502323", "CSAFPID-1502324", "CSAFPID-1502325", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362" ] } ], "title": "CVE-2024-21180" }, { "cve": "CVE-2024-26308", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26308", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-912052", "CSAFPID-912607", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678" ] } ], "title": "CVE-2024-26308" } ] }