{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T00:16:44.175","vulnerabilities":[{"cve":{"id":"CVE-2024-5399","sourceIdentifier":"twcert@cert.org.tw","published":"2024-05-27T04:15:09.300","lastModified":"2026-01-26T13:49:40.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."},{"lang":"es","value":"Openfind Mail2000 no filtra correctamente los parámetros de una API específica. Los atacantes remotos con privilegios administrativos pueden aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios del sistema en el servidor remoto."}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*","matchCriteriaId":"1762976A-2372-49D5-BD94-77F8C0C86DC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*","matchCriteriaId":"DC17A2D8-B006-4738-A6CB-F6B277460B6B"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}