{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T02:46:39.239","vulnerabilities":[{"cve":{"id":"CVE-2024-1149","sourceIdentifier":"security@snowsoftware.com","published":"2024-02-08T13:15:09.147","lastModified":"2024-11-21T08:49:54.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.\n\n"},{"lang":"es","value":"Verificación incorrecta de la vulnerabilidad de firma criptográfica en Snow Software Inventory Agent en MacOS, Snow Software Inventory Agent en Windows y Snow Software Inventory Agent en Linux permite la manipulación de archivos a través de paquetes de actualización Snow. Este problema afecta a Inventory Agent: hasta 6.12.0; Agente de Inventario: hasta 6.14.5; Agente de Inventario: hasta 6.7.2."}],"metrics":{"cvssMetricV31":[{"source":"security@snowsoftware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@snowsoftware.com","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:*","versionEndExcluding":"6.7.2","matchCriteriaId":"E82E3DB3-2CBC-44BB-A553-682431C08AF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:*","versionStartIncluding":"6.14.0","versionEndExcluding":"6.14.5","matchCriteriaId":"5C9FF448-B8FA-4A84-802C-370D5D902E2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:snowsoftware:snow_inventory_agent:6.12.0:*:*:*:*:*:*:*","matchCriteriaId":"D7B7E019-F9A5-4CF5-9C4D-B56119AF80CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK","source":"security@snowsoftware.com","tags":["Vendor Advisory"]},{"url":"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}