This article discusses the process of discovering Common Vulnerabilities and Exposures (CVE), emphasizing that finding CVEs can be easier than expected. It provides a timeline of CVEs identified by the author in 2024 and details a specific vulnerability in the Ever® Traduora application. The article also outlines the steps for responsibly disclosing vulnerabilities and requesting a CVE.
Affected: Ever® Traduora
Key points:
- CVE stands for Common Vulnerabilities and Exposures, a dictionary of software vulnerabilities.
- MITRE is the organization that issues CVEs, supported by DHS and CISA.
- Security Analysts and Penetration Testers utilize CVEs to detect new attacks and test systems.
- The author discovered 7 CVEs in 2024, providing a timeline of these findings.
- Details of a specific vulnerability (CVE-2024-53484) in Ever® Traduora are discussed.
- Responsible Disclosure is crucial when reporting vulnerabilities to developers.
- Steps to request a CVE through MITRE are outlined, including filling out a form and providing necessary information.
MITRE Techniques:
- Privilege Escalation (T1068) – Exploited through the creation of a fake JWT token to gain admin access.
- Authentication Bypass (T1190) – Achieved by manipulating the JWT signing key to bypass authentication mechanisms.
- Remote Code Execution (T1203) – Exploited in various software versions as listed in the timeline.
- Stored Cross-Site Scripting (T1171) – Found in UnoPIM versions as detailed in the timeline.
Indicators of Compromise:
- [url] https://github.com/ever-co/ever-traduora
- [url] https://cveform.mitre.org/
- [url] https://www.cve.org/CVERecord?id=CVE-2024-53484
- [url] https://nvd.nist.gov/vuln/detail/CVE-2024-53484
- [url] https://github.com/ever-co/ever-traduora/pull/432/files
- Check the article for all found IoCs.