{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T05:44:13.732","vulnerabilities":[{"cve":{"id":"CVE-2024-2056","sourceIdentifier":"cve@takeonme.org","published":"2024-03-05T20:16:01.703","lastModified":"2026-01-12T15:44:02.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the \"tailon\" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed."},{"lang":"es","value":"Los servicios que se están ejecutando y vinculados a la interfaz de bucle invertido en Artica Proxy son accesibles a través del servicio de proxy. En particular, el servicio \"tailon\" se está ejecutando, ejecutándose como usuario root, está vinculado a la interfaz loopback y está escuchando en el puerto TCP 7050. Los problemas de seguridad asociados con la exposición de este servicio de red están documentados en el repositorio de GitHub \"tailon\" de gvalkov. Utilizando el servicio Tailon, se puede ver el contenido de cualquier archivo en Artica Proxy."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"cve@takeonme.org","type":"Secondary","description":[{"lang":"en","value":"CWE-288"},{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:articatech:artica_proxy:4.50.000000:-:*:*:*:*:*:*","matchCriteriaId":"B991789A-8815-4ECD-A809-23001D727806"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2024/Mar/14","source":"cve@takeonme.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://github.com/gvalkov/tailon#security","source":"cve@takeonme.org","tags":["Not Applicable"]},{"url":"https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt","source":"cve@takeonme.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2024/Mar/14","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://github.com/gvalkov/tailon#security","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}