admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-31 18:00:33 +00:00
parent e262a2b8be
commit 02c9c9c47e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 122 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
2023/28xxx/CVE-2023-28013.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.\n"
"value": "HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. By tricking a user into entering crafted markup a remote, unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.\n"
}
]
},
@ -31,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "HCL Software ",
"vendor_name": "HCL Software",
"product": {
"product_data": [
{
"product_name": "HCL BigFix Mobile",
"product_name": "HCL Verse",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0"
"version_value": "< 3.1"
}
]
}
@ -54,9 +54,9 @@
"references": {
"reference_data": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105905",
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371"
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105905"
}
]
},
@ -72,14 +72,14 @@
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
]

30
2023/28xxx/CVE-2023-28023.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network).\u00a0\n"
"value": "HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. An attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.\n"
}
]
},
@ -35,12 +35,12 @@
"product": {
"product_data": [
{
"product_name": "HCL BigFix WebUI Software Distribution",
"product_name": "HCL Verse",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<=44"
"version_value": "< 3.1"
}
]
}
@ -54,9 +54,9 @@
"references": {
"reference_data": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105904",
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123"
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105904"
}
]
},
@ -69,17 +69,17 @@
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
]

56
2023/38xxx/CVE-2023-38989.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38989",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-38989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/thinkgem/jeesite/issues/518",
"refsource": "MISC",
"name": "https://github.com/thinkgem/jeesite/issues/518"
}
]
}

18
2023/39xxx/CVE-2023-39410.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39410",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2023/3xxx/CVE-2023-3446.json
View File

@ -108,6 +108,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/19/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/31/1"
}
]
},

5
2023/3xxx/CVE-2023-3817.json
View File

@ -93,6 +93,11 @@
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644",
"refsource": "MISC",
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/31/1"
}
]
},

18
2023/4xxx/CVE-2023-4031.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4031",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}