CVE-2024-47177

ADVISORY - nist

Summary

CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to FoomaticRIPCommandLine via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution.

EPSS Score⁠: 0.00044 (0.116)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-77⁠

Improper Neutralization of Special Elements used in a Command ('Command Injection')

ADVISORY - redhat

CWE-77⁠

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Impacted images

Advisories

NIST

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-47177⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

9critical

Debian

CREATED

2 months ago

UPDATED

12 days ago

ADVISORY IDCVE-2024-47177⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-47177⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-47177⁠

EXPLOITABILITY SCORE

1.3

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.1high

intheWild

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-47177⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY