Multiple vulnerabilities in Allegra
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2024-22507 CVE-2024-22504 CVE-2023-22528 CVE-2024-22505 CVE-2024-22506 CVE-2024-22510 CVE-2024-22512 CVE-2024-22513 CVE-2024-22532 CVE-2024-22530 |
| CWE-ID | CWE-22 CWE-798 CWE-502 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Allegra Server applications / Conferencing, Collaboration and VoIP solutions |
| Vendor | Steinbeis GmbH & Co. KG |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU86365
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22507
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the downloadAttachmentGlobal action. A remote user can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-112/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU86364
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22504
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the extarctZippedFile method. A remote user can pass a specially crafted ZIP file to the application and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-107/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Path traversal
EUVDB-ID: #VU86363
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the uploadSimpleFile method. A remote user can send a specially crafted HTTP request and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-109/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Path traversal
EUVDB-ID: #VU86362
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the downloadExportedChart action. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-110/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use of hard-coded credentials
EUVDB-ID: #VU86361
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials within the configuration of a database. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-111/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Path traversal
EUVDB-ID: #VU86360
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the saveFile method. A remote user can send a specially crafted HTTP request and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-104/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Path traversal
EUVDB-ID: #VU86359
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22528
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the saveInlineEdit method. A remote user can send a specially crafted HTTP request and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-108/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Deserialization of Untrusted Data
EUVDB-ID: #VU86358
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22505
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the renderFieldMatch method. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-106/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Deserialization of Untrusted Data
EUVDB-ID: #VU86357
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22506
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the loadFieldMatch method. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-105/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Path traversal
EUVDB-ID: #VU86356
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22510
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the uploadFile method. A remote user can send a specially crafted HTTP request and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-103/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper access control
EUVDB-ID: #VU86354
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22512
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an error in Struts configuration. A remote attacker can bypass implemented security restrictions and execute arbitrary code on the system.
Install updates from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-102/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Path traversal
EUVDB-ID: #VU86353
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22513
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when processing directory traversal sequences within the unzipFile method. A remote user can pass a specially crafted archive to the application and overwrite arbitrary files on the system, leading to a system compromise.
Install update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-101/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Path traversal
EUVDB-ID: #VU86351
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22532
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the serveMathJaxLibraries method. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, including stored credentials.
MitigationInstall update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-100/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Path traversal
EUVDB-ID: #VU86350
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22530
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the getFileContentAsString method. A remote user can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAllegra: 5.1.0 - 7.5.0
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-24-099/
http://www.trackplus.com/en/service/release-notes-reader/7-5-1-release-notes-2.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
