{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-7437",
        "ASSIGNER": "cna@vuldb.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4. Affected is an unknown function of the file /index.php?action=profile;u=2;area=showalerts;do=remove of the component Delete User Handler. The manipulation of the argument aid leads to improper control of resource identifiers. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
                "lang": "deu",
                "value": "Es wurde eine Schwachstelle in SimpleMachines SMF 2.1.4 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /index.php?action=profile;u=2;area=showalerts;do=remove der Komponente Delete User Handler. Durch das Manipulieren des Arguments aid mit unbekannten Daten kann eine improper control of resource identifiers-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-99 Improper Control of Resource Identifiers",
                        "cweId": "CWE-99"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "SimpleMachines",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "SMF",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "2.1.4"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://vuldb.com/?id.273522",
                "refsource": "MISC",
                "name": "https://vuldb.com/?id.273522"
            },
            {
                "url": "https://vuldb.com/?ctiid.273522",
                "refsource": "MISC",
                "name": "https://vuldb.com/?ctiid.273522"
            },
            {
                "url": "https://vuldb.com/?submit.380189",
                "refsource": "MISC",
                "name": "https://vuldb.com/?submit.380189"
            },
            {
                "url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc1.md",
                "refsource": "MISC",
                "name": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc1.md"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "Fewwords (VulDB User)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "baseScore": 5.4,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "3.0",
                "baseScore": 5.4,
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "2.0",
                "baseScore": 5.5,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P"
            }
        ]
    }
}