CVE-2024-29442

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-29442
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

27 May 2024, 01:15

Type Values Removed Values Added
References
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/2', 'source': 'cve@mitre.org'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/3', 'source': 'cve@mitre.org'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/4', 'source': 'cve@mitre.org'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/5', 'source': 'cve@mitre.org'}
  • {'url': 'https://github.com/yashpatelphd/CVE-2024-29442', 'source': 'cve@mitre.org'}
Summary
  • (es) Se ha descubierto una vulnerabilidad de acceso no autorizado en las versiones de ROS2 Humble Hawksbill donde ROS_VERSION es 2 y ROS_PYTHON_VERSION es 3. Esta vulnerabilidad podría permitir potencialmente que un usuario malintencionado obtenga acceso no autorizado a múltiples nodos ROS2 de forma remota. El acceso no autorizado a estos nodos podría comprometer la integridad del sistema, la ejecución de comandos arbitrarios y la divulgación de información confidencial.
Summary (en) An unauthorized access vulnerability has been discovered in ROS2 Humble Hawksbill versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. (en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

01 May 2024, 19:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/23/5 -

01 May 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/23/3 -

01 May 2024, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/23/2 -
  • () http://www.openwall.com/lists/oss-security/2024/04/23/4 -

17 Apr 2024, 01:15

Type Values Removed Values Added
Summary (en) An unauthorized access vulnerability has been discovered in ROS2 Humble Hawksbill versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. (en) An unauthorized access vulnerability has been discovered in ROS2 Humble Hawksbill versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.

25 Mar 2024, 22:37

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-25 22:37

Updated : 2024-05-27 01:15

NVD link : CVE-2024-29442

Mitre link : CVE-2024-29442

CVE.ORG link : CVE-2024-29442

JSON object : View

Products Affected

No product.

CWE

No CWE.