diff --git a/2021/26xxx/CVE-2021-26731.json b/2021/26xxx/CVE-2021-26731.json index f46f2e5fe09..690b4ce1303 100644 --- a/2021/26xxx/CVE-2021-26731.json +++ b/2021/26xxx/CVE-2021-26731.json @@ -1,14 +1,47 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "prodsec@nozominetworks.com", "ID": "CVE-2021-26731", - "STATE": "PUBLIC", - "TITLE": "spx_restservice modifyUserb_func Command Injection and Multiple Stack-Based Buffer Overflows" + "ASSIGNER": "prodsec@nozominetworks.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] }, "affects": { "vendor": { "vendor_data": [ { + "vendor_name": "Lanner Inc", "product": { "product_data": [ { @@ -23,84 +56,53 @@ } } ] - }, - "vendor_name": "Lanner Inc" + } } ] } }, - "credit": [ - { - "lang": "eng", - "value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references": { + "reference_data": [ { - "lang": "eng", - "value": "Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0." + "url": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/", + "refsource": "MISC", + "name": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/" + }, + { + "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731/", + "refsource": "MISC", + "name": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731/" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-121 Stack-based Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/", - "name": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/" - }, - { - "refsource": "MISC", - "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731/", - "name": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731/" - } - ] - }, "source": { - "advisory": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731/", "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2021/44xxx/CVE-2021-44467.json b/2021/44xxx/CVE-2021-44467.json index f762c404d1f..cbbcdacd28b 100644 --- a/2021/44xxx/CVE-2021-44467.json +++ b/2021/44xxx/CVE-2021-44467.json @@ -1,14 +1,38 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "prodsec@nozominetworks.com", "ID": "CVE-2021-44467", - "STATE": "PUBLIC", - "TITLE": "spx_restservice KillDupUsr_func Broken Access Control" + "ASSIGNER": "prodsec@nozominetworks.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] }, "affects": { "vendor": { "vendor_data": [ { + "vendor_name": "Lanner Inc", "product": { "product_data": [ { @@ -23,76 +47,53 @@ } } ] - }, - "vendor_name": "Lanner Inc" + } } ] } }, - "credit": [ - { - "lang": "eng", - "value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references": { + "reference_data": [ { - "lang": "eng", - "value": "A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0." + "url": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/", + "refsource": "MISC", + "name": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/" + }, + { + "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/", + "refsource": "MISC", + "name": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284 Improper Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/", - "name": "https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/" - }, - { - "refsource": "MISC", - "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/", - "name": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/" - } - ] - }, "source": { - "advisory": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/", "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca of Nozomi Networks found this bug during a security research activity." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3082.json b/2024/3xxx/CVE-2024-3082.json index 9b1563415ce..e38c34bbacf 100644 --- a/2024/3xxx/CVE-2024-3082.json +++ b/2024/3xxx/CVE-2024-3082.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext." + "value": "A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers (e.g., full-disk encryption) have been enabled." } ] }, diff --git a/2024/45xxx/CVE-2024-45792.json b/2024/45xxx/CVE-2024-45792.json index 170a18df5fd..b4f37b4db40 100644 --- a/2024/45xxx/CVE-2024-45792.json +++ b/2024/45xxx/CVE-2024-45792.json @@ -1,18 +1,78 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45792", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles. This vulnerability is fixed in 2.26.4." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisbt", + "product": { + "product_data": [ + { + "product_name": "mantisbt", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.26.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r", + "refsource": "MISC", + "name": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r" + }, + { + "url": "https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41", + "refsource": "MISC", + "name": "https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41" + }, + { + "url": "https://mantisbt.org/bugs/view.php?id=34640", + "refsource": "MISC", + "name": "https://mantisbt.org/bugs/view.php?id=34640" + } + ] + }, + "source": { + "advisory": "GHSA-h5q3-fjp4-2x7r", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/46xxx/CVE-2024-46280.json b/2024/46xxx/CVE-2024-46280.json index 339bef15449..fefdb3ac95a 100644 --- a/2024/46xxx/CVE-2024-46280.json +++ b/2024/46xxx/CVE-2024-46280.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46280", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46280", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://0xmupa.github.io/pixlink-weak-telnet", + "refsource": "MISC", + "name": "https://0xmupa.github.io/pixlink-weak-telnet" } ] } diff --git a/2024/46xxx/CVE-2024-46293.json b/2024/46xxx/CVE-2024-46293.json index 8b6b145d36d..1df8a2bd876 100644 --- a/2024/46xxx/CVE-2024-46293.json +++ b/2024/46xxx/CVE-2024-46293.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46293", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46293", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bunyamindemir/vulnerability-disclosures/blob/main/omos-authorization-bypass.md", + "refsource": "MISC", + "name": "https://github.com/bunyamindemir/vulnerability-disclosures/blob/main/omos-authorization-bypass.md" } ] } diff --git a/2024/46xxx/CVE-2024-46313.json b/2024/46xxx/CVE-2024-46313.json index 28b79bdcdd6..ac07d6880d2 100644 --- a/2024/46xxx/CVE-2024-46313.json +++ b/2024/46xxx/CVE-2024-46313.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46313", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46313", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TP-LINK/WR-941ND/popupSiteSurveyRpm.md", + "refsource": "MISC", + "name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TP-LINK/WR-941ND/popupSiteSurveyRpm.md" } ] } diff --git a/2024/47xxx/CVE-2024-47063.json b/2024/47xxx/CVE-2024-47063.json index 0499a3383ce..f5473f76454 100644 --- a/2024/47xxx/CVE-2024-47063.json +++ b/2024/47xxx/CVE-2024-47063.json @@ -1,18 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-47063", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cvat-ai", + "product": { + "product_data": [ + { + "product_name": "cvat", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.4.7, < 2.19.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-2c85-39cc-2px9", + "refsource": "MISC", + "name": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-2c85-39cc-2px9" + }, + { + "url": "https://github.com/cvat-ai/cvat/commit/75c3d573bc9468b718f53b442c2ef69ad1d5de12", + "refsource": "MISC", + "name": "https://github.com/cvat-ai/cvat/commit/75c3d573bc9468b718f53b442c2ef69ad1d5de12" + } + ] + }, + "source": { + "advisory": "GHSA-2c85-39cc-2px9", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/47xxx/CVE-2024-47064.json b/2024/47xxx/CVE-2024-47064.json index eb889f3a025..3de9435bcc2 100644 --- a/2024/47xxx/CVE-2024-47064.json +++ b/2024/47xxx/CVE-2024-47064.json @@ -1,18 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-47064", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-81: Improper Neutralization of Script in an Error Message Web Page", + "cweId": "CWE-81" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cvat-ai", + "product": { + "product_data": [ + { + "product_name": "cvat", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.16.0, < 2.19.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-hp6c-f34j-qjj7", + "refsource": "MISC", + "name": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-hp6c-f34j-qjj7" + }, + { + "url": "https://github.com/cvat-ai/cvat/commit/0bf45fd5de08a652dffbfb517318a64c2fdbc5cf", + "refsource": "MISC", + "name": "https://github.com/cvat-ai/cvat/commit/0bf45fd5de08a652dffbfb517318a64c2fdbc5cf" + } + ] + }, + "source": { + "advisory": "GHSA-hp6c-f34j-qjj7", + "discovery": "UNKNOWN" } } \ No newline at end of file