From 079afc26a98d6f72a528a35577f6e2e0013381c2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 13 Oct 2023 17:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/38xxx/CVE-2023-38817.json | 2 +- 2023/4xxx/CVE-2023-4499.json | 64 +++++++++++++++++++++++++++++++--- 2023/5xxx/CVE-2023-5409.json | 64 +++++++++++++++++++++++++++++++--- 2023/5xxx/CVE-2023-5449.json | 64 +++++++++++++++++++++++++++++++--- 2023/5xxx/CVE-2023-5577.json | 18 ++++++++++ 5 files changed, 199 insertions(+), 13 deletions(-) create mode 100644 2023/5xxx/CVE-2023-5577.json diff --git a/2023/38xxx/CVE-2023-38817.json b/2023/38xxx/CVE-2023-38817.json index c50fc398ba4..132b63e154d 100644 --- a/2023/38xxx/CVE-2023-38817.json +++ b/2023/38xxx/CVE-2023-38817.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component." + "value": "An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\\SYSTEM was \"deactivated by Microsoft itself.\"" } ] }, diff --git a/2023/4xxx/CVE-2023-4499.json b/2023/4xxx/CVE-2023-4499.json index cbcd4ffe58d..139a7dd44fa 100644 --- a/2023/4xxx/CVE-2023-4499.json +++ b/2023/4xxx/CVE-2023-4499.json @@ -1,18 +1,74 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-4499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP ThinUpdate", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "See HP Security Bulletin reference for affected versions.", + "status": "affected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hp.com/us-en/document/ish_9440593-9440618-16", + "refsource": "MISC", + "name": "https://support.hp.com/us-en/document/ish_9440593-9440618-16" + } + ] + }, + "generator": { + "engine": "cveClient/1.0.15" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5409.json b/2023/5xxx/CVE-2023-5409.json index 111e9cc6267..16620e518f2 100644 --- a/2023/5xxx/CVE-2023-5409.json +++ b/2023/5xxx/CVE-2023-5409.json @@ -1,18 +1,74 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5409", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP t430 and t638 Thin Clients", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "See HP Security Bulletin for affected products.", + "status": "affected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hp.com/us-en/document/ish_9441200-9441233-16", + "refsource": "MISC", + "name": "https://support.hp.com/us-en/document/ish_9441200-9441233-16" + } + ] + }, + "generator": { + "engine": "cveClient/1.0.15" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5449.json b/2023/5xxx/CVE-2023-5449.json index 1ea3f8bb649..dbc4d552f9b 100644 --- a/2023/5xxx/CVE-2023-5449.json +++ b/2023/5xxx/CVE-2023-5449.json @@ -1,18 +1,74 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5449", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor\u2019s Theft Deterrence to be deactivated." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP Displays", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "See HP Security Bulletin reference for affected products.", + "status": "affected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hp.com/us-en/document/ish_9438665-9438794-16", + "refsource": "MISC", + "name": "https://support.hp.com/us-en/document/ish_9438665-9438794-16" + } + ] + }, + "generator": { + "engine": "cveClient/1.0.15" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5577.json b/2023/5xxx/CVE-2023-5577.json new file mode 100644 index 00000000000..09b4119260c --- /dev/null +++ b/2023/5xxx/CVE-2023-5577.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-5577", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file