On 9/26/24 6:11 PM, Solar Designer wrote:
* CVE-2024-47176 | cups-browsed <= 2.0.1 binds on UDP INADDR_ANY:631
trusting any packet from any source to trigger a
Get-Printer-Attributes IPP request to an attacker controlled URL.
This seems like a plausible and precise description for a vulnerability.
Yet the actual CVE entry is "cups-browsed bugs and other bugs can
combine, leading to info leak and remote code execution"
<https://github.com/CVEProject/cvelistV5/blob/07723f33d3792d747b650a873346400ca5dc2034/cves/2024/47xxx/CVE-2024-47176.json#L15>
and several unrelated CWEs are listed.
Isn't using a single CVE to capture what can happen when multiple
vulnerabilities are chained together... frowned upon?
<https://cve.mitre.org/cve/list_rules_and_guidance/counting_rules.html>
--
Will Dormann | Senior Vulnerability Analyst
ANALYGENCE, Inc.
8115 Maple Lawn Blvd., Suite 110, Fulton, MD 20759
t 412.818.3452 | f 301.812.4252
e will.dorm...@analygence.com | w analygence.com
