admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-12-10 19:01:01 +00:00
parent 0ceefc7f40
commit 0fe76c1c12
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
11 changed files with 539 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/22xxx/CVE-2023-22939.json
View File

@ -64,7 +64,7 @@
{
"version_affected": "<",
"version_name": "-",
"version_value": "9.2.2209.3"
"version_value": "9.0.2209.3"
}
]
}

6
2023/29xxx/CVE-2023-29348.json
View File

@ -186,9 +186,9 @@
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
]
}

5
2023/36xxx/CVE-2023-36409.json
View File

@ -58,11 +58,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36409",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36409"
},
{
"url": "https://security.gentoo.org/glsa/202402-05",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202402-05"
}
]
},

4
2023/3xxx/CVE-2023-3997.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action."
"value": "Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action."
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "6.1",
"version_name": "-",
"version_value": "6.1.0"
}
]

2
2023/4xxx/CVE-2023-4571.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. \n\nThe vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine."
"value": "In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. \n\nThe vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine."
}
]
},

106
2024/53xxx/CVE-2024-53243.json
View File

@ -1,17 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53243",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Secure Gateway",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.8",
"version_value": "3.8.5"
},
{
"version_affected": "<",
"version_name": "3.7",
"version_value": "3.7.18"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.262"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1201",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1201"
}
]
},
"source": {
"advisory": "SVD-2024-1201"
},
"credits": [
{
"lang": "en",
"value": "Anton (therceman)"
}
],
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

100
2024/53xxx/CVE-2024-53244.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53244",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and 9.1.2312.206, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on \u201c/en-US/app/search/report\u201c endpoint through \u201cs\u201c parameter.<br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Cloud Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.2.2406",
"version_value": "9.2.2406.107"
},
{
"version_affected": "<",
"version_name": "9.2.2403",
"version_value": "9.2.2403.109"
},
{
"version_affected": "<",
"version_name": "9.1.2312",
"version_value": "9.1.2312.206"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1202",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1202"
}
]
},
"source": {
"advisory": "SVD-2024-1202"
},
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
}
]
}

85
2024/53xxx/CVE-2024-53245.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53245",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Cloud Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.1.2312",
"version_value": "9.1.2312.206"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1203",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1203"
}
]
},
"source": {
"advisory": "SVD-2024-1203"
},
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1",
"baseScore": 3.1,
"baseSeverity": "LOW"
}
]
}

105
2024/53xxx/CVE-2024-53246.json
View File

@ -1,17 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53246",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another vulnerability, such as a Risky Commands Bypass, for successful exploitation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.",
"cweId": "CWE-319"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Cloud Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3.2408",
"version_value": "9.3.2408.101"
},
{
"version_affected": "<",
"version_name": "9.2.2406",
"version_value": "9.2.2406.106"
},
{
"version_affected": "<",
"version_name": "9.2.2403",
"version_value": "9.2.2403.111"
},
{
"version_affected": "<",
"version_name": "9.1.2312",
"version_value": "9.1.2312.206"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1204",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1204"
}
]
},
"source": {
"advisory": "SVD-2024-1204"
},
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

101
2024/53xxx/CVE-2024-53247.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53247",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could perform a Remote Code Execution (RCE)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.",
"cweId": "CWE-502"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Secure Gateway",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.7",
"version_value": "3.7.13"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.261"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1205",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1205"
}
]
},
"source": {
"advisory": "SVD-2024-1205"
},
"credits": [
{
"lang": "en",
"value": "Danylo Dmytriiev (DDV_UA)"
}
],
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

61
2024/55xxx/CVE-2024-55550.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-55550",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-55550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"name": "https://www.mitel.com/support/security-advisories"
},
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029"
}
]
}