CVE-2024-55085

{"id": "CVE-2024-55085", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-12-16T23:15:06.607", "references": [{"url": "https://getsimple-ce.ovh/", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://tasteful-stamp-da4.notion.site/CVE-2024-55085-15b1e0f227cb80a5aee6faeb820bf7e6", "tags": ["Broken Link"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE."}, {"lang": "es", "value": "GetSimple CMS CE 3.3.19 sufre ejecuci\u00f3n de c\u00f3digo arbitrario en la funci\u00f3n de edici\u00f3n de plantillas en el sistema de administraci\u00f3n en segundo plano, que puede ser utilizado por un atacante para implementar RCE."}], "lastModified": "2025-04-17T01:57:38.213", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:getsimple-ce:getsimple_cms:3.3.19:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "51522005-4B31-48E3-98F7-63A59F8F66E8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}