From 12e8e33cc52159bd32fdb9c1fd01e7f1ffa372b2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 21 Dec 2023 01:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/21xxx/CVE-2022-21985.json | 2 +- 2022/21xxx/CVE-2022-21995.json | 12 -- 2022/21xxx/CVE-2022-21998.json | 2 +- 2022/22xxx/CVE-2022-22002.json | 2 +- 2022/22xxx/CVE-2022-22008.json | 14 +- 2022/22xxx/CVE-2022-22009.json | 12 -- 2022/22xxx/CVE-2022-22710.json | 2 +- 2022/22xxx/CVE-2022-22712.json | 14 +- 2022/22xxx/CVE-2022-22716.json | 2 +- 2022/23xxx/CVE-2022-23252.json | 2 +- 2022/23xxx/CVE-2022-23254.json | 2 +- 2022/23xxx/CVE-2022-23255.json | 2 +- 2022/23xxx/CVE-2022-23256.json | 69 +++---- 2022/23xxx/CVE-2022-23257.json | 14 +- 2022/23xxx/CVE-2022-23259.json | 2 +- 2022/23xxx/CVE-2022-23262.json | 2 +- 2022/23xxx/CVE-2022-23264.json | 2 +- 2022/23xxx/CVE-2022-23268.json | 2 +- 2022/23xxx/CVE-2022-23269.json | 2 +- 2022/23xxx/CVE-2022-23271.json | 2 +- 2022/23xxx/CVE-2022-23280.json | 2 +- 2022/23xxx/CVE-2022-23292.json | 2 +- 2022/24xxx/CVE-2022-24483.json | 2 +- 2022/24xxx/CVE-2022-24484.json | 2 +- 2022/24xxx/CVE-2022-24493.json | 2 +- 2022/24xxx/CVE-2022-24498.json | 2 +- 2022/24xxx/CVE-2022-24500.json | 2 +- 2022/24xxx/CVE-2022-24527.json | 320 ++++----------------------------- 2022/24xxx/CVE-2022-24537.json | 14 +- 2022/24xxx/CVE-2022-24538.json | 2 +- 2022/24xxx/CVE-2022-24541.json | 2 +- 2022/24xxx/CVE-2022-24548.json | 2 +- 2022/26xxx/CVE-2022-26783.json | 2 +- 2022/26xxx/CVE-2022-26784.json | 2 +- 2022/26xxx/CVE-2022-26785.json | 2 +- 2023/29xxx/CVE-2023-29485.json | 56 +++++- 2023/29xxx/CVE-2023-29486.json | 56 +++++- 2023/29xxx/CVE-2023-29487.json | 56 +++++- 2023/45xxx/CVE-2023-45700.json | 77 +++++++- 2023/7xxx/CVE-2023-7020.json | 131 +++++++++++++- 40 files changed, 453 insertions(+), 446 deletions(-) diff --git a/2022/21xxx/CVE-2022-21985.json b/2022/21xxx/CVE-2022-21985.json index f54162fa273..a258c2f3a96 100644 --- a/2022/21xxx/CVE-2022-21985.json +++ b/2022/21xxx/CVE-2022-21985.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/21xxx/CVE-2022-21995.json b/2022/21xxx/CVE-2022-21995.json index ec60ed04e11..6f62e2e6081 100644 --- a/2022/21xxx/CVE-2022-21995.json +++ b/2022/21xxx/CVE-2022-21995.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1526" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { diff --git a/2022/21xxx/CVE-2022-21998.json b/2022/21xxx/CVE-2022-21998.json index 55ecd4d8332..e8405b5ecb4 100644 --- a/2022/21xxx/CVE-2022-21998.json +++ b/2022/21xxx/CVE-2022-21998.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22002.json b/2022/22xxx/CVE-2022-22002.json index 8bb2f927d2a..88ea7d466a8 100644 --- a/2022/22xxx/CVE-2022-22002.json +++ b/2022/22xxx/CVE-2022-22002.json @@ -281,7 +281,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22008.json b/2022/22xxx/CVE-2022-22008.json index 8818110a09b..13909deb29e 100644 --- a/2022/22xxx/CVE-2022-22008.json +++ b/2022/22xxx/CVE-2022-22008.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1645" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -257,7 +245,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22009.json b/2022/22xxx/CVE-2022-22009.json index 6b384897987..dc924bfe99f 100644 --- a/2022/22xxx/CVE-2022-22009.json +++ b/2022/22xxx/CVE-2022-22009.json @@ -58,18 +58,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1645" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { diff --git a/2022/22xxx/CVE-2022-22710.json b/2022/22xxx/CVE-2022-22710.json index 2c94436b584..33cabb38ab7 100644 --- a/2022/22xxx/CVE-2022-22710.json +++ b/2022/22xxx/CVE-2022-22710.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22712.json b/2022/22xxx/CVE-2022-22712.json index 9b5e283a4fe..e008d319dd2 100644 --- a/2022/22xxx/CVE-2022-22712.json +++ b/2022/22xxx/CVE-2022-22712.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1526" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -173,7 +161,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.6, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22716.json b/2022/22xxx/CVE-2022-22716.json index f7e7cfebebb..a79fd66a204 100644 --- a/2022/22xxx/CVE-2022-22716.json +++ b/2022/22xxx/CVE-2022-22716.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23252.json b/2022/23xxx/CVE-2022-23252.json index c0051f78947..078204b20a4 100644 --- a/2022/23xxx/CVE-2022-23252.json +++ b/2022/23xxx/CVE-2022-23252.json @@ -113,7 +113,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23254.json b/2022/23xxx/CVE-2022-23254.json index 7c1792b8421..fbb38da256b 100644 --- a/2022/23xxx/CVE-2022-23254.json +++ b/2022/23xxx/CVE-2022-23254.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23255.json b/2022/23xxx/CVE-2022-23255.json index 6e65ab3e3e8..54f77b313d0 100644 --- a/2022/23xxx/CVE-2022-23255.json +++ b/2022/23xxx/CVE-2022-23255.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23256.json b/2022/23xxx/CVE-2022-23256.json index 85fd4b31722..7f80656e45a 100644 --- a/2022/23xxx/CVE-2022-23256.json +++ b/2022/23xxx/CVE-2022-23256.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-23256", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Azure Data Explorer", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": "Azure Data Explorer Spoofing Vulnerability." + "value": "Azure Data Explorer Spoofing Vulnerability" } ] }, @@ -44,12 +21,36 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "Elevation of Privilege" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Azure Data Explorer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -60,11 +61,13 @@ ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", - "baseScore": "8.1", - "temporalScore": "7.1", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 8.1, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/23xxx/CVE-2022-23257.json b/2022/23xxx/CVE-2022-23257.json index df4b17677e5..31f70b6f203 100644 --- a/2022/23xxx/CVE-2022-23257.json +++ b/2022/23xxx/CVE-2022-23257.json @@ -70,18 +70,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1645" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -137,7 +125,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23259.json b/2022/23xxx/CVE-2022-23259.json index e614882ee04..b89394527e5 100644 --- a/2022/23xxx/CVE-2022-23259.json +++ b/2022/23xxx/CVE-2022-23259.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23262.json b/2022/23xxx/CVE-2022-23262.json index 60c5d78ab73..669a4dfc908 100644 --- a/2022/23xxx/CVE-2022-23262.json +++ b/2022/23xxx/CVE-2022-23262.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23264.json b/2022/23xxx/CVE-2022-23264.json index 44b80592b4f..8e0792a80f1 100644 --- a/2022/23xxx/CVE-2022-23264.json +++ b/2022/23xxx/CVE-2022-23264.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "LOW", + "baseSeverity": "MEDIUM", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23268.json b/2022/23xxx/CVE-2022-23268.json index cbb656ed322..33699da4fa0 100644 --- a/2022/23xxx/CVE-2022-23268.json +++ b/2022/23xxx/CVE-2022-23268.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23269.json b/2022/23xxx/CVE-2022-23269.json index 5088269b84b..476b528aa9c 100644 --- a/2022/23xxx/CVE-2022-23269.json +++ b/2022/23xxx/CVE-2022-23269.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23271.json b/2022/23xxx/CVE-2022-23271.json index 2a670e5f05d..615f728393c 100644 --- a/2022/23xxx/CVE-2022-23271.json +++ b/2022/23xxx/CVE-2022-23271.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23280.json b/2022/23xxx/CVE-2022-23280.json index 7e12cdf45da..5033c5bb055 100644 --- a/2022/23xxx/CVE-2022-23280.json +++ b/2022/23xxx/CVE-2022-23280.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23292.json b/2022/23xxx/CVE-2022-23292.json index 923fb196ba9..eb57df3fb55 100644 --- a/2022/23xxx/CVE-2022-23292.json +++ b/2022/23xxx/CVE-2022-23292.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "LOW", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24483.json b/2022/24xxx/CVE-2022-24483.json index 8bbb989fbfb..86749011b23 100644 --- a/2022/24xxx/CVE-2022-24483.json +++ b/2022/24xxx/CVE-2022-24483.json @@ -281,7 +281,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24484.json b/2022/24xxx/CVE-2022-24484.json index 3a4753027aa..858763f6dd9 100644 --- a/2022/24xxx/CVE-2022-24484.json +++ b/2022/24xxx/CVE-2022-24484.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24493.json b/2022/24xxx/CVE-2022-24493.json index 9d025b29092..4a90880f9c9 100644 --- a/2022/24xxx/CVE-2022-24493.json +++ b/2022/24xxx/CVE-2022-24493.json @@ -329,7 +329,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24498.json b/2022/24xxx/CVE-2022-24498.json index cde7a5ef838..b53ba36096e 100644 --- a/2022/24xxx/CVE-2022-24498.json +++ b/2022/24xxx/CVE-2022-24498.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24500.json b/2022/24xxx/CVE-2022-24500.json index 49776c3e27a..1c7f4a891e7 100644 --- a/2022/24xxx/CVE-2022-24500.json +++ b/2022/24xxx/CVE-2022-24500.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24527.json b/2022/24xxx/CVE-2022-24527.json index 7e8c5aaa098..9b538c8f5fc 100644 --- a/2022/24xxx/CVE-2022-24527.json +++ b/2022/24xxx/CVE-2022-24527.json @@ -1,292 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-24527", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - } - ] - } - }, - { - "product_name": "Windows 10 Version 1909 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 1909 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 1909 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server, version 20H2 (Server Core Installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": "Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability." + "value": "Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability" } ] }, @@ -302,6 +27,31 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Endpoint Configuration Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2103", + "version_value": "publication" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -312,11 +62,13 @@ ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", - "baseScore": "7.8", - "temporalScore": "6.8", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/24xxx/CVE-2022-24537.json b/2022/24xxx/CVE-2022-24537.json index 6b2817af911..99289042fcf 100644 --- a/2022/24xxx/CVE-2022-24537.json +++ b/2022/24xxx/CVE-2022-24537.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1645" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -209,7 +197,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24538.json b/2022/24xxx/CVE-2022-24538.json index b70ed2cca53..4d89cd066b6 100644 --- a/2022/24xxx/CVE-2022-24538.json +++ b/2022/24xxx/CVE-2022-24538.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24541.json b/2022/24xxx/CVE-2022-24541.json index e2025658648..71c968e1b5e 100644 --- a/2022/24xxx/CVE-2022-24541.json +++ b/2022/24xxx/CVE-2022-24541.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24548.json b/2022/24xxx/CVE-2022-24548.json index 2021928c5e3..0badc8fae88 100644 --- a/2022/24xxx/CVE-2022-24548.json +++ b/2022/24xxx/CVE-2022-24548.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26783.json b/2022/26xxx/CVE-2022-26783.json index 3b849132410..b129803c795 100644 --- a/2022/26xxx/CVE-2022-26783.json +++ b/2022/26xxx/CVE-2022-26783.json @@ -125,7 +125,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26784.json b/2022/26xxx/CVE-2022-26784.json index d911199eea3..47fedd6be18 100644 --- a/2022/26xxx/CVE-2022-26784.json +++ b/2022/26xxx/CVE-2022-26784.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26785.json b/2022/26xxx/CVE-2022-26785.json index 42250585e96..6ab9513f4e4 100644 --- a/2022/26xxx/CVE-2022-26785.json +++ b/2022/26xxx/CVE-2022-26785.json @@ -125,7 +125,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2023/29xxx/CVE-2023-29485.json b/2023/29xxx/CVE-2023-29485.json index 036d3ab2dc1..821bb24acb5 100644 --- a/2023/29xxx/CVE-2023-29485.json +++ b/2023/29xxx/CVE-2023-29485.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-29485", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-29485", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93", + "url": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93" } ] } diff --git a/2023/29xxx/CVE-2023-29486.json b/2023/29xxx/CVE-2023-29486.json index a25782c0e2d..f03481445dc 100644 --- a/2023/29xxx/CVE-2023-29486.json +++ b/2023/29xxx/CVE-2023-29486.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-29486", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-29486", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93", + "url": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93" } ] } diff --git a/2023/29xxx/CVE-2023-29487.json b/2023/29xxx/CVE-2023-29487.json index 8004b37d0ef..00a32230f94 100644 --- a/2023/29xxx/CVE-2023-29487.json +++ b/2023/29xxx/CVE-2023-29487.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-29487", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-29487", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93", + "url": "https://medium.com/@drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93" } ] } diff --git a/2023/45xxx/CVE-2023-45700.json b/2023/45xxx/CVE-2023-45700.json index 24f36b23ee2..cb4411b9650 100644 --- a/2023/45xxx/CVE-2023-45700.json +++ b/2023/45xxx/CVE-2023-45700.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-45700", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@hcl.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HCL Software", + "product": { + "product_data": [ + { + "product_name": "HCL Launch", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.1 - 7.1.2.14, 7.2 - 7.2.3.7, 7.3 - 7.3.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108644", + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108644" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2023/7xxx/CVE-2023-7020.json b/2023/7xxx/CVE-2023-7020.json index 733b772a27c..4eadd9ec8b3 100644 --- a/2023/7xxx/CVE-2023-7020.json +++ b/2023/7xxx/CVE-2023-7020.json @@ -1,17 +1,140 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7020", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMP_ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248567. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Eine kritische Schwachstelle wurde in Tongda OA 2017 bis 11.9 gefunden. Dies betrifft einen unbekannten Teil der Datei general/wiki/cp/ct/view.php. Dank der Manipulation des Arguments TEMP_ID mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tongda", + "product": { + "product_data": [ + { + "product_name": "OA 2017", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.0" + }, + { + "version_affected": "=", + "version_value": "11.1" + }, + { + "version_affected": "=", + "version_value": "11.2" + }, + { + "version_affected": "=", + "version_value": "11.3" + }, + { + "version_affected": "=", + "version_value": "11.4" + }, + { + "version_affected": "=", + "version_value": "11.5" + }, + { + "version_affected": "=", + "version_value": "11.6" + }, + { + "version_affected": "=", + "version_value": "11.7" + }, + { + "version_affected": "=", + "version_value": "11.8" + }, + { + "version_affected": "=", + "version_value": "11.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.248567", + "refsource": "MISC", + "name": "https://vuldb.com/?id.248567" + }, + { + "url": "https://vuldb.com/?ctiid.248567", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.248567" + }, + { + "url": "https://github.com/zte12321/cve/blob/main/sql.md", + "refsource": "MISC", + "name": "https://github.com/zte12321/cve/blob/main/sql.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "zte12321 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }