{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12840", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "REJECTED", "assignerShortName": "redhat", "dateReserved": "2024-12-20T12:10:24.705Z", "datePublished": "2024-12-20T15:47:17.402Z", "dateUpdated": "2025-05-12T20:16:41.146Z", "dateRejected": "2025-05-12T20:16:41.146Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Red Hat Product Security has come to the conclusion that this CVE is not needed. The problem described was inteded behavior and therefore not a bug."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-12T20:16:41.146Z"}}}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12840", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "REJECTED", "assignerShortName": "redhat", "dateReserved": "2024-12-20T12:10:24.705Z", "datePublished": "2024-12-20T15:47:17.402Z", "dateUpdated": "2025-05-12T20:16:41.146Z", "dateRejected": "2025-05-12T20:16:41.146Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Red Hat Product Security has come to the conclusion that this CVE is not needed. The problem described was inteded behavior and therefore not a bug."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-12T20:16:41.146Z"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. The problem described was inteded behavior and therefore not a bug."}], "id": "CVE-2024-12840", "lastModified": "2025-05-12T21:15:46.300", "metrics": {}, "published": "2024-12-20T16:15:23.417", "references": [], "sourceIdentifier": "[email protected]", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "http proxies: Satellite: Service side request forgery in http proxies", "id": "2333494", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333494"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N", "status": "draft"}, "cwe": "CWE-918", "details": ["A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-12840", "package_state": [{"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "security", "product_name": "Red Hat Satellite 6"}], "public_date": "2024-12-20T12:20:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12840\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12840"], "threat_severity": "Moderate"}