Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.
References
Link | Resource |
---|---|
https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
15 Feb 2024, 17:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
First Time |
Microsoft windows
Microsoft Linux Apple macos Linux linux Kernel Apple |
15 Feb 2024, 17:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Snowsoftware
Snowsoftware snow Inventory Agent |
|
References | () https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK - Vendor Advisory | |
Summary |
|
|
CPE | cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:* cpe:2.3:a:snowsoftware:snow_inventory_agent:6.12.0:*:*:*:*:*:*:* |
08 Feb 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-08 13:15
Updated : 2024-02-15 17:52
NVD link : CVE-2024-1149
Mitre link : CVE-2024-1149
CVE.ORG link : CVE-2024-1149
JSON object : View
Products Affected
microsoft
- windows
apple
- macos
snowsoftware
- snow_inventory_agent
linux
- linux_kernel
CWE
CWE-347
Improper Verification of Cryptographic Signature