CVE-2024-39717

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39717
The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in.

7.2 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/ Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:versa-networks:versa_director:21.2.3:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:22.1.2:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:21.2.2:*:*:*:*:*:*:*
History

28 Aug 2024, 19:47

Type Values Removed Values Added
References () https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/ - () https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/ - Vendor Advisory

27 Aug 2024, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2', 'name': 'https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2', 'tags': ['Permissions Required'], 'refsource': ''}
  • {'url': 'https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3', 'name': 'https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3', 'tags': ['Permissions Required'], 'refsource': ''}
  • {'url': 'https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3', 'name': 'https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3', 'tags': ['Permissions Required'], 'refsource': ''}
  • {'url': 'https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation', 'name': 'https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation', 'tags': ['Permissions Required'], 'refsource': ''}
  • () https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/ -
Summary The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in. Severity: HIGH Exploitation Status: Versa Networks is aware of one confirmed customer reported instance where this vulnerability was exploited because the Firewall guidelines which were published in 2015 & 2017 were not implemented by that customer. This non-implementation resulted in the bad actor being able to exploit this vulnerability without using the GUI. In our testing (not exhaustive, as not all numerical versions of major browsers were tested) the malicious file does not get executed on the client. There are reports of others based on backbone telemetry observations of a 3rd party provider, however these are unconfirmed to date. The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in.

26 Aug 2024, 17:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.2
CWE CWE-434
CPE cpe:2.3:a:versa-networks:versa_director:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:21.2.3:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:22.1.2:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:versa-networks:versa_director:21.2.2:*:*:*:*:*:*:*
References () https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2 - () https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2 - Permissions Required
References () https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3 - () https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3 - Permissions Required
References () https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3 - () https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3 - Permissions Required
References () https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation - () https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation - Permissions Required
First Time Versa-networks versa Director
Versa-networks

22 Aug 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-22 19:15

Updated : 2024-08-28 19:47

NVD link : CVE-2024-39717

Mitre link : CVE-2024-39717

JSON object : View

Products Affected

versa-networks

  • versa_director
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type