{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T16:53:39.051","vulnerabilities":[{"cve":{"id":"CVE-2024-23756","sourceIdentifier":"cve@mitre.org","published":"2024-02-08T21:15:08.380","lastModified":"2025-05-15T20:15:44.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them."},{"lang":"es","value":"Los métodos HTTP PUT y DELETE están habilitados en la versión 5.2.13 (5221) oficial de Docker de Plone, lo que permite a atacantes no autenticados ejecutar acciones peligrosas como cargar archivos al servidor o eliminarlos."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plone:plone:5.2.13:*:*:*:*:*:*:*","matchCriteriaId":"BAB57250-2183-41C5-9EC2-6D32A991516D"}]}]}],"references":[{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23756","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23756","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}