diff --git a/2023/23xxx/CVE-2023-23632.json b/2023/23xxx/CVE-2023-23632.json
index b9ee09696ea..df01bfc73b8 100644
--- a/2023/23xxx/CVE-2023-23632.json
+++ b/2023/23xxx/CVE-2023-23632.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2023-23632",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2023-23632",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_03_CSNC-2022-018_PRA_Privilege_Escalation.txt",
+ "url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_03_CSNC-2022-018_PRA_Privilege_Escalation.txt"
}
]
}
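Review bot: The added `affects` block publishes `vendor_name`, `product_name` and `version_value` as `n/a` although the new description names BeyondTrust Privileged Remote Access (PRA) 22.2.x to 22.4.x, so anything that matches on the structured fields rather than the free text will not tie this record to the product. The `problemtype` value is likewise `n/a`; the description reads like an authentication weakness caused by an incomplete secret comparison, so a CWE entry (CWE-287 looks like a candidate, to be confirmed against the referenced advisory) would help triage. I would fill the fields from the description, e.g. `"vendor_name": "BeyondTrust"` and `"product_name": "Privileged Remote Access (PRA)"`, with the 22.2.x to 22.4.x range in `version_data`. The description also calls the issue a local authentication bypass while the referenced advisory's file name says privilege escalation, which is worth reconciling in the wording.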
diff --git a/2023/43xxx/CVE-2023-43191.json b/2023/43xxx/CVE-2023-43191.json
index 5ca872ba6c0..00c20bcb53e 100644
--- a/2023/43xxx/CVE-2023-43191.json
+++ b/2023/43xxx/CVE-2023-43191.json
@@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
- "value": "JFinalCMS foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft"
+ "value": "SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft"
}
]
},
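Review bot: The product name in the description changes from JFinalCMS to SpringbootCMS 1.0, but this is the only hunk for CVE-2023-43191.json, so the `affects` and `references` data outside the hunk are not updated in this commit and may still name JFinalCMS. CVE-2023-43192.json gets the same description swap and gains a `springbootcms_sql.md` reference while keeping `jfinalcms_sql.md`, which leaves it unclear whether one product or both are affected. Each record should say so explicitly in the description and carry matching vendor/product entries. Naming the weakness class would also help, since the text describes what looks like stored cross-site scripting without saying so.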
diff --git a/2023/43xxx/CVE-2023-43192.json b/2023/43xxx/CVE-2023-43192.json
index 3c1769c9e0e..89157bb2904 100644
--- a/2023/43xxx/CVE-2023-43192.json
+++ b/2023/43xxx/CVE-2023-43192.json
@@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
- "value": "SQL injection can exist in a newly created part of the JFinalcms background, and the parameters submitted by users are not filtered. As a result, special characters in parameters destroy the original logic of SQL statements. Attackers can use this vulnerability to execute any SQL statement."
+ "value": "SQL injection can exist in a newly created part of the SpringbootCMS 1.0 background, and the parameters submitted by users are not filtered. As a result, special characters in parameters destroy the original logic of SQL statements. Attackers can use this vulnerability to execute any SQL statement."
}
]
},
@@ -56,6 +56,11 @@
"url": "https://github.com/etn0tw/cve_sql/blob/main/jfinalcms_sql.md",
"refsource": "MISC",
"name": "https://github.com/etn0tw/cve_sql/blob/main/jfinalcms_sql.md"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/etn0tw/cve_sql/blob/main/springbootcms_sql.md",
+ "url": "https://github.com/etn0tw/cve_sql/blob/main/springbootcms_sql.md"
}
]
}
diff --git a/2023/5xxx/CVE-2023-5072.json b/2023/5xxx/CVE-2023-5072.json
index 9ea643be6d6..8ffe320664a 100644
--- a/2023/5xxx/CVE-2023-5072.json
+++ b/2023/5xxx/CVE-2023-5072.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Denial of Service in JSON-Java versions prior to 20230618. \u00a0A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.\u00a0\n"
+ "value": "Denial of Service in JSON-Java versions up to and including 20230618. \u00a0A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.\u00a0\n"
}
]
},
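Review bot: The description now includes 20230618 in the affected range (`up to and including 20230618` instead of `prior to 20230618`), but this is the only hunk for the file, so any `version_data` entry outside the hunk keeps whatever bound it had. If that entry still expresses `< 20230618`, scanners that read the structured range will treat 20230618 as fixed while the text says it is vulnerable. The bound should be changed in the same commit, and the description would be more useful if it named the first fixed release. The stray `\u00a0` and trailing `\n` in the value could be trimmed at the same time.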
diff --git a/2023/5xxx/CVE-2023-5562.json b/2023/5xxx/CVE-2023-5562.json
index dafdb9b0bcd..23728271f3a 100644
--- a/2023/5xxx/CVE-2023-5562.json
+++ b/2023/5xxx/CVE-2023-5562.json
@@ -1,17 +1,101 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5562",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@knime.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that is displayed by default. If the data to be displayed contains JavaScript this code is executed in the browser and can perform any operations that the current user is allowed to perform silently.\n\n\n\n\nKNIME Analytics Platform already has configuration options with which sanitization of data can be actived, see https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal . However, these are off by default which allows for cross-site scripting attacks.\n\n\nKNIME Analytics Platform 5.2.0 will enable sanitization by default. For all previous releases we recommend users to add the corresponding settings to the executor's knime.ini.\n\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "KNIME",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "KNIME Analytics Platform",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "5.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.knime.com/security/advisories#CVE-2023-5562",
+ "refsource": "MISC",
+ "name": "https://www.knime.com/security/advisories#CVE-2023-5562"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Sanitization can be enabled for all affected JavaScript-based views by adding -Djs.core.sanitize.clientHTML=true
to the executor's knime.ini. See https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal for more details.
"
+ }
+ ],
+ "value": "Sanitization can be enabled for all affected JavaScript-based views by adding -Djs.core.sanitize.clientHTML=true to the executor's knime.ini. See https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal for more details.\n"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.1,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "CHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+ "version": "3.1"
}
]
}
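Review bot: The description value for CVE-2023-5562 has the documentation URL twice in a row and the typo `actived`, and the same doubled URL appears in the `work_around` `value`; this looks like link text and link target flattened into plain text. I would publish `...sanitization of data can be activated, see https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal. However, these are off by default...` and collapse the runs of `\n`. Since the fix is a default change in 5.2.0 and earlier installs stay exposed until configured, the description should name the setting the workaround gives, `-Djs.core.sanitize.clientHTML=true`, rather than only linking to it. The `work_around` entry uses `"lang": "en"` while the description and problemtype use `"eng"`; one tag should be used throughout if the schema allows.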