From 2afb0366dfa13f023ff24f7d847b1ed6c29c4876 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 1 Nov 2023 18:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/20xxx/CVE-2022-20713.json | 1010 +++++++++++++++++++++++++++++-- 2023/20xxx/CVE-2023-20031.json | 140 ++++- 2023/20xxx/CVE-2023-20042.json | 291 ++++++++- 2023/20xxx/CVE-2023-20048.json | 368 +++++++++++- 2023/20xxx/CVE-2023-20063.json | 643 +++++++++++++++++++- 2023/20xxx/CVE-2023-20070.json | 88 ++- 2023/20xxx/CVE-2023-20071.json | 705 +++++++++++++++++++++- 2023/20xxx/CVE-2023-20083.json | 368 +++++++++++- 2023/20xxx/CVE-2023-20095.json | 811 ++++++++++++++++++++++++- 2023/20xxx/CVE-2023-20170.json | 84 ++- 2023/20xxx/CVE-2023-20175.json | 220 ++++++- 2023/20xxx/CVE-2023-20196.json | 236 +++++++- 2023/20xxx/CVE-2023-20219.json | 188 +++++- 2023/20xxx/CVE-2023-20220.json | 372 +++++++++++- 2023/20xxx/CVE-2023-20246.json | 120 +++- 2023/20xxx/CVE-2023-20247.json | 1035 +++++++++++++++++++++++++++++++- 2023/20xxx/CVE-2023-20255.json | 85 ++- 2023/20xxx/CVE-2023-20264.json | 139 ++++- 2023/20xxx/CVE-2023-20267.json | 180 +++++- 2023/5xxx/CVE-2023-5358.json | 60 +- 2023/5xxx/CVE-2023-5480.json | 59 +- 2023/5xxx/CVE-2023-5482.json | 59 +- 2023/5xxx/CVE-2023-5765.json | 60 +- 2023/5xxx/CVE-2023-5766.json | 60 +- 2023/5xxx/CVE-2023-5849.json | 59 +- 2023/5xxx/CVE-2023-5850.json | 59 +- 2023/5xxx/CVE-2023-5851.json | 59 +- 2023/5xxx/CVE-2023-5852.json | 59 +- 2023/5xxx/CVE-2023-5853.json | 59 +- 2023/5xxx/CVE-2023-5854.json | 59 +- 2023/5xxx/CVE-2023-5855.json | 59 +- 2023/5xxx/CVE-2023-5856.json | 59 +- 2023/5xxx/CVE-2023-5857.json | 59 +- 2023/5xxx/CVE-2023-5858.json | 59 +- 2023/5xxx/CVE-2023-5859.json | 59 +- 2024/0xxx/CVE-2024-0001.json | 18 + 2024/0xxx/CVE-2024-0002.json | 18 + 2024/0xxx/CVE-2024-0003.json | 18 + 2024/0xxx/CVE-2024-0004.json | 18 + 2024/0xxx/CVE-2024-0005.json | 18 + 40 files changed, 7928 insertions(+), 192 deletions(-) create mode 100644 2024/0xxx/CVE-2024-0001.json create mode 100644 2024/0xxx/CVE-2024-0002.json create mode 100644 2024/0xxx/CVE-2024-0003.json create mode 100644 2024/0xxx/CVE-2024-0004.json create mode 100644 2024/0xxx/CVE-2024-0005.json diff --git a/2022/20xxx/CVE-2022-20713.json b/2022/20xxx/CVE-2022-20713.json index d44d2d3e968..95a57d766de 100644 --- a/2022/20xxx/CVE-2022-20713.json +++ b/2022/20xxx/CVE-2022-20713.json @@ -1,86 +1,984 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2022-08-10T23:00:00", - "ID": "CVE-2022-20713", - "STATE": "PUBLIC", - "TITLE": "Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side Request Smuggling Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Adaptive Security Appliance (ASA) Software ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-20713", + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the Clientless SSL VPN (WebVPN) component of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks. This vulnerability is due to improper validation of input that is passed to the Clientless SSL VPN component. An attacker could exploit this vulnerability by convincing a targeted user to visit a website that can pass malicious requests to an ASA device that has the Clientless SSL VPN feature enabled. A successful exploit could allow the attacker to conduct browser-based attacks, including cross-site scripting attacks, against the targeted user." + "value": "A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device." } ] }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N ", - "version": "3.0" - } - }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", - "value": "CWE-444" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.8.1" + }, + { + "version_affected": "=", + "version_value": "9.8.1.5" + }, + { + "version_affected": "=", + "version_value": "9.8.1.7" + }, + { + "version_affected": "=", + "version_value": "9.8.2" + }, + { + "version_affected": "=", + "version_value": "9.8.2.8" + }, + { + "version_affected": "=", + "version_value": "9.8.2.14" + }, + { + "version_affected": "=", + "version_value": "9.8.2.15" + }, + { + "version_affected": "=", + "version_value": "9.8.2.17" + }, + { + "version_affected": "=", + "version_value": "9.8.2.20" + }, + { + "version_affected": "=", + "version_value": "9.8.2.24" + }, + { + "version_affected": "=", + "version_value": "9.8.2.26" + }, + { + "version_affected": "=", + "version_value": "9.8.2.28" + }, + { + "version_affected": "=", + "version_value": "9.8.2.33" + }, + { + "version_affected": "=", + "version_value": "9.8.2.35" + }, + { + "version_affected": "=", + "version_value": "9.8.2.38" + }, + { + "version_affected": "=", + "version_value": "9.8.3.8" + }, + { + "version_affected": "=", + "version_value": "9.8.3.11" + }, + { + "version_affected": "=", + "version_value": "9.8.3.14" + }, + { + "version_affected": "=", + "version_value": "9.8.3.16" + }, + { + "version_affected": "=", + "version_value": "9.8.3.18" + }, + { + "version_affected": "=", + "version_value": "9.8.3.21" + }, + { + "version_affected": "=", + "version_value": "9.8.3" + }, + { + "version_affected": "=", + "version_value": "9.8.3.26" + }, + { + "version_affected": "=", + "version_value": "9.8.3.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4" + }, + { + "version_affected": "=", + "version_value": "9.8.4.3" + }, + { + "version_affected": "=", + "version_value": "9.8.4.7" + }, + { + "version_affected": "=", + "version_value": "9.8.4.8" + }, + { + "version_affected": "=", + "version_value": "9.8.4.10" + }, + { + "version_affected": "=", + "version_value": "9.8.4.12" + }, + { + "version_affected": "=", + "version_value": "9.8.4.15" + }, + { + "version_affected": "=", + "version_value": "9.8.4.17" + }, + { + "version_affected": "=", + "version_value": "9.8.4.25" + }, + { + "version_affected": "=", + "version_value": "9.8.4.20" + }, + { + "version_affected": "=", + "version_value": "9.8.4.22" + }, + { + "version_affected": "=", + "version_value": "9.8.4.26" + }, + { + "version_affected": "=", + "version_value": "9.8.4.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4.32" + }, + { + "version_affected": "=", + "version_value": "9.8.4.33" + }, + { + "version_affected": "=", + "version_value": "9.8.4.34" + }, + { + "version_affected": "=", + "version_value": "9.8.4.35" + }, + { + "version_affected": "=", + "version_value": "9.8.4.39" + }, + { + "version_affected": "=", + "version_value": "9.8.4.40" + }, + { + "version_affected": "=", + "version_value": "9.8.4.41" + }, + { + "version_affected": "=", + "version_value": "9.8.4.43" + }, + { + "version_affected": "=", + "version_value": "9.8.4.44" + }, + { + "version_affected": "=", + "version_value": "9.8.4.45" + }, + { + "version_affected": "=", + "version_value": "9.8.4.46" + }, + { + "version_affected": "=", + "version_value": "9.12.1" + }, + { + "version_affected": "=", + "version_value": "9.12.1.2" + }, + { + "version_affected": "=", + "version_value": "9.12.1.3" + }, + { + "version_affected": "=", + "version_value": "9.12.2" + }, + { + "version_affected": "=", + "version_value": "9.12.2.4" + }, + { + "version_affected": "=", + "version_value": "9.12.2.5" + }, + { + "version_affected": "=", + "version_value": "9.12.2.9" + }, + { + "version_affected": "=", + "version_value": "9.12.3" + }, + { + "version_affected": "=", + "version_value": "9.12.3.2" + }, + { + "version_affected": "=", + "version_value": "9.12.3.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4" + }, + { + "version_affected": "=", + "version_value": "9.12.3.12" + }, + { + "version_affected": "=", + "version_value": "9.12.3.9" + }, + { + "version_affected": "=", + "version_value": "9.12.2.1" + }, + { + "version_affected": "=", + "version_value": "9.12.4.2" + }, + { + "version_affected": "=", + "version_value": "9.12.4.4" + }, + { + "version_affected": "=", + "version_value": "9.12.4.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4.10" + }, + { + "version_affected": "=", + "version_value": "9.12.4.13" + }, + { + "version_affected": "=", + "version_value": "9.12.4.8" + }, + { + "version_affected": "=", + "version_value": "9.12.4.18" + }, + { + "version_affected": "=", + "version_value": "9.12.4.24" + }, + { + "version_affected": "=", + "version_value": "9.12.4.26" + }, + { + "version_affected": "=", + "version_value": "9.12.4.29" + }, + { + "version_affected": "=", + "version_value": "9.12.4.30" + }, + { + "version_affected": "=", + "version_value": "9.12.4.35" + }, + { + "version_affected": "=", + "version_value": "9.12.4.37" + }, + { + "version_affected": "=", + "version_value": "9.12.4.38" + }, + { + "version_affected": "=", + "version_value": "9.12.4.39" + }, + { + "version_affected": "=", + "version_value": "9.12.4.40" + }, + { + "version_affected": "=", + "version_value": "9.12.4.41" + }, + { + "version_affected": "=", + "version_value": "9.12.4.47" + }, + { + "version_affected": "=", + "version_value": "9.12.4.48" + }, + { + "version_affected": "=", + "version_value": "9.12.4.50" + }, + { + "version_affected": "=", + "version_value": "9.12.4.52" + }, + { + "version_affected": "=", + "version_value": "9.12.4.54" + }, + { + "version_affected": "=", + "version_value": "9.12.4.55" + }, + { + "version_affected": "=", + "version_value": "9.14.1" + }, + { + "version_affected": "=", + "version_value": "9.14.1.10" + }, + { + "version_affected": "=", + "version_value": "9.14.1.6" + }, + { + "version_affected": "=", + "version_value": "9.14.1.15" + }, + { + "version_affected": "=", + "version_value": "9.14.1.19" + }, + { + "version_affected": "=", + "version_value": "9.14.1.30" + }, + { + "version_affected": "=", + "version_value": "9.14.2" + }, + { + "version_affected": "=", + "version_value": "9.14.2.4" + }, + { + "version_affected": "=", + "version_value": "9.14.2.8" + }, + { + "version_affected": "=", + "version_value": "9.14.2.13" + }, + { + "version_affected": "=", + "version_value": "9.14.2.15" + }, + { + "version_affected": "=", + "version_value": "9.14.3" + }, + { + "version_affected": "=", + "version_value": "9.14.3.1" + }, + { + "version_affected": "=", + "version_value": "9.14.3.9" + }, + { + "version_affected": "=", + "version_value": "9.14.3.11" + }, + { + "version_affected": "=", + "version_value": "9.14.3.13" + }, + { + "version_affected": "=", + "version_value": "9.14.3.18" + }, + { + "version_affected": "=", + "version_value": "9.14.3.15" + }, + { + "version_affected": "=", + "version_value": "9.14.4" + }, + { + "version_affected": "=", + "version_value": "9.14.4.6" + }, + { + "version_affected": "=", + "version_value": "9.14.4.7" + }, + { + "version_affected": "=", + "version_value": "9.14.4.12" + }, + { + "version_affected": "=", + "version_value": "9.14.4.13" + }, + { + "version_affected": "=", + "version_value": "9.14.4.14" + }, + { + "version_affected": "=", + "version_value": "9.14.4.15" + }, + { + "version_affected": "=", + "version_value": "9.14.4.17" + }, + { + "version_affected": "=", + "version_value": "9.15.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.7" + }, + { + "version_affected": "=", + "version_value": "9.15.1.10" + }, + { + "version_affected": "=", + "version_value": "9.15.1.15" + }, + { + "version_affected": "=", + "version_value": "9.15.1.16" + }, + { + "version_affected": "=", + "version_value": "9.15.1.17" + }, + { + "version_affected": "=", + "version_value": "9.15.1.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.21" + }, + { + "version_affected": "=", + "version_value": "9.16.1" + }, + { + "version_affected": "=", + "version_value": "9.16.1.28" + }, + { + "version_affected": "=", + "version_value": "9.16.2" + }, + { + "version_affected": "=", + "version_value": "9.16.2.3" + }, + { + "version_affected": "=", + "version_value": "9.16.2.7" + }, + { + "version_affected": "=", + "version_value": "9.16.2.11" + }, + { + "version_affected": "=", + "version_value": "9.16.2.13" + }, + { + "version_affected": "=", + "version_value": "9.16.2.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3.15" + }, + { + "version_affected": "=", + "version_value": "9.16.3.19" + }, + { + "version_affected": "=", + "version_value": "9.16.3.23" + }, + { + "version_affected": "=", + "version_value": "9.16.4" + }, + { + "version_affected": "=", + "version_value": "9.16.4.9" + }, + { + "version_affected": "=", + "version_value": "9.17.1" + }, + { + "version_affected": "=", + "version_value": "9.17.1.7" + }, + { + "version_affected": "=", + "version_value": "9.17.1.9" + }, + { + "version_affected": "=", + "version_value": "9.17.1.10" + }, + { + "version_affected": "=", + "version_value": "9.17.1.11" + }, + { + "version_affected": "=", + "version_value": "9.17.1.13" + }, + { + "version_affected": "=", + "version_value": "9.17.1.15" + }, + { + "version_affected": "=", + "version_value": "9.17.1.20" + }, + { + "version_affected": "=", + "version_value": "9.18.1" + }, + { + "version_affected": "=", + "version_value": "9.18.1.3" + }, + { + "version_affected": "=", + "version_value": "9.18.2" + }, + { + "version_affected": "=", + "version_value": "9.18.2.5" + }, + { + "version_affected": "=", + "version_value": "9.18.2.7" + }, + { + "version_affected": "=", + "version_value": "9.18.2.8" + }, + { + "version_affected": "=", + "version_value": "9.19.1" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "20220810 Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side Request Smuggling Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO" + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO" } ] }, "source": { "advisory": "cisco-sa-asa-webvpn-LOeKsNmO", - "defect": [ - [ - "CSCwa04262" - ] - ], - "discovery": "INTERNAL" + "discovery": "EXTERNAL", + "defects": [ + "CSCwa04262", + "CSCwe93561", + "CSCwf47924", + "CSCwd95043" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + } + ] } } \ No newline at end of file diff --git a/2023/20xxx/CVE-2023-20031.json b/2023/20xxx/CVE-2023-20031.json index d012e5a0913..a3cfcbd756f 100644 --- a/2023/20xxx/CVE-2023-20031.json +++ b/2023/20xxx/CVE-2023-20031.json @@ -1,17 +1,149 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20031", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftd-snort3-8U4HHxH8", + "discovery": "EXTERNAL", + "defects": [ + "CSCwc07015" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20042.json b/2023/20xxx/CVE-2023-20042.json index 9ac1ac30743..7d89c57f162 100644 --- a/2023/20xxx/CVE-2023-20042.json +++ b/2023/20xxx/CVE-2023-20042.json @@ -1,17 +1,300 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20042", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.16.1" + }, + { + "version_affected": "=", + "version_value": "9.16.1.28" + }, + { + "version_affected": "=", + "version_value": "9.16.2" + }, + { + "version_affected": "=", + "version_value": "9.16.2.3" + }, + { + "version_affected": "=", + "version_value": "9.16.2.7" + }, + { + "version_affected": "=", + "version_value": "9.16.2.11" + }, + { + "version_affected": "=", + "version_value": "9.16.2.13" + }, + { + "version_affected": "=", + "version_value": "9.16.2.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3.15" + }, + { + "version_affected": "=", + "version_value": "9.16.3.19" + }, + { + "version_affected": "=", + "version_value": "9.16.3.23" + }, + { + "version_affected": "=", + "version_value": "9.16.4" + }, + { + "version_affected": "=", + "version_value": "9.16.4.9" + }, + { + "version_affected": "=", + "version_value": "9.17.1" + }, + { + "version_affected": "=", + "version_value": "9.17.1.7" + }, + { + "version_affected": "=", + "version_value": "9.17.1.9" + }, + { + "version_affected": "=", + "version_value": "9.17.1.10" + }, + { + "version_affected": "=", + "version_value": "9.17.1.11" + }, + { + "version_affected": "=", + "version_value": "9.17.1.13" + }, + { + "version_affected": "=", + "version_value": "9.17.1.15" + }, + { + "version_affected": "=", + "version_value": "9.17.1.20" + }, + { + "version_affected": "=", + "version_value": "9.18.1" + }, + { + "version_affected": "=", + "version_value": "9.18.1.3" + }, + { + "version_affected": "=", + "version_value": "9.18.2" + }, + { + "version_affected": "=", + "version_value": "9.18.2.5" + }, + { + "version_affected": "=", + "version_value": "9.18.2.7" + }, + { + "version_affected": "=", + "version_value": "9.19.1" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA" + } + ] + }, + "source": { + "advisory": "cisco-sa-asaftd-ssl-dos-kxG8mpUA", + "discovery": "EXTERNAL", + "defects": [ + "CSCwd62859" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20048.json b/2023/20xxx/CVE-2023-20048.json index 7a3bef00659..67c0d34ad98 100644 --- a/2023/20xxx/CVE-2023-20048.json +++ b/2023/20xxx/CVE-2023-20048.json @@ -1,17 +1,377 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20048", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Management Center", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.2.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN" + } + ] + }, + "source": { + "advisory": "cisco-sa-fmc-cmd-inj-29MP49hN", + "discovery": "INTERNAL", + "defects": [ + "CSCwd02925" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H", + "baseScore": 9.9, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20063.json b/2023/20xxx/CVE-2023-20063.json index 22ecb79b4d7..dee9c49af2f 100644 --- a/2023/20xxx/CVE-2023-20063.json +++ b/2023/20xxx/CVE-2023-20063.json @@ -1,17 +1,652 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20063", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Management Center", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.4.0.17" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.2.3.1" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.4.0.17" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L", + "discovery": "INTERNAL", + "defects": [ + "CSCwb42031" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20070.json b/2023/20xxx/CVE-2023-20070.json index a66dda38a53..c26df2e8a11 100644 --- a/2023/20xxx/CVE-2023-20070.json +++ b/2023/20xxx/CVE-2023-20070.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20070", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftd-snort3-uAnUntcV", + "discovery": "EXTERNAL", + "defects": [ + "CSCwc59953" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L", + "baseScore": 4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" } ] } diff --git a/2023/20xxx/CVE-2023-20071.json b/2023/20xxx/CVE-2023-20071.json index 182fe8b2f1f..f6387a14cf7 100644 --- a/2023/20xxx/CVE-2023-20071.json +++ b/2023/20xxx/CVE-2023-20071.json @@ -1,17 +1,714 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20071", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + }, + { + "product_name": "Cisco Umbrella Insights Virtual Appliance", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "Cisco Cyber Vision", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.0.4" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "3.0.1" + }, + { + "version_affected": "=", + "version_value": "3.0.2" + }, + { + "version_affected": "=", + "version_value": "3.0.3" + }, + { + "version_affected": "=", + "version_value": "3.0.5" + }, + { + "version_affected": "=", + "version_value": "3.0.6" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.1.2" + }, + { + "version_affected": "=", + "version_value": "3.1.1" + }, + { + "version_affected": "=", + "version_value": "3.2.3" + }, + { + "version_affected": "=", + "version_value": "3.2.1" + }, + { + "version_affected": "=", + "version_value": "3.2.4" + }, + { + "version_affected": "=", + "version_value": "3.2.0" + }, + { + "version_affected": "=", + "version_value": "3.2.2" + }, + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "4.0.1" + }, + { + "version_affected": "=", + "version_value": "4.0.2" + }, + { + "version_affected": "=", + "version_value": "4.0.3" + }, + { + "version_affected": "=", + "version_value": "4.1.0" + }, + { + "version_affected": "=", + "version_value": "4.1.1" + }, + { + "version_affected": "=", + "version_value": "4.1.2" + } + ] + } + }, + { + "product_name": "Cisco UTD SNORT IPS Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "16.12.1a" + }, + { + "version_affected": "=", + "version_value": "16.12.2" + }, + { + "version_affected": "=", + "version_value": "16.12.3" + }, + { + "version_affected": "=", + "version_value": "16.12.4" + }, + { + "version_affected": "=", + "version_value": "16.12.5" + }, + { + "version_affected": "=", + "version_value": "16.12.6" + }, + { + "version_affected": "=", + "version_value": "16.12.7" + }, + { + "version_affected": "=", + "version_value": "16.12.8" + }, + { + "version_affected": "=", + "version_value": "16.6.1" + }, + { + "version_affected": "=", + "version_value": "16.6.5" + }, + { + "version_affected": "=", + "version_value": "16.6.6" + }, + { + "version_affected": "=", + "version_value": "16.6.7a" + }, + { + "version_affected": "=", + "version_value": "16.6.9" + }, + { + "version_affected": "=", + "version_value": "16.6.10" + }, + { + "version_affected": "=", + "version_value": "17.1.1" + }, + { + "version_affected": "=", + "version_value": "17.2.1r" + }, + { + "version_affected": "=", + "version_value": "17.3.1a" + }, + { + "version_affected": "=", + "version_value": "17.3.2" + }, + { + "version_affected": "=", + "version_value": "17.3.3" + }, + { + "version_affected": "=", + "version_value": "17.3.4a" + }, + { + "version_affected": "=", + "version_value": "17.3.6" + }, + { + "version_affected": "=", + "version_value": "17.3.5" + }, + { + "version_affected": "=", + "version_value": "17.3.7" + }, + { + "version_affected": "=", + "version_value": "3.17.0S" + }, + { + "version_affected": "=", + "version_value": "3.17.1S" + }, + { + "version_affected": "=", + "version_value": "17.4.1a" + }, + { + "version_affected": "=", + "version_value": "17.4.2" + }, + { + "version_affected": "=", + "version_value": "17.4.1b" + }, + { + "version_affected": "=", + "version_value": "17.5.1a" + }, + { + "version_affected": "=", + "version_value": "17.6.1a" + }, + { + "version_affected": "=", + "version_value": "17.6.2" + }, + { + "version_affected": "=", + "version_value": "17.6.3a" + }, + { + "version_affected": "=", + "version_value": "17.6.4" + }, + { + "version_affected": "=", + "version_value": "17.6.5" + }, + { + "version_affected": "=", + "version_value": "17.7.1a" + }, + { + "version_affected": "=", + "version_value": "17.7.2" + }, + { + "version_affected": "=", + "version_value": "17.10.1a" + }, + { + "version_affected": "=", + "version_value": "17.9.1a" + }, + { + "version_affected": "=", + "version_value": "17.9.2a" + }, + { + "version_affected": "=", + "version_value": "17.9.3a" + }, + { + "version_affected": "=", + "version_value": "17.8.1a" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.2" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.4" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.6" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.3" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.7" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.8" + }, + { + "version_affected": "=", + "version_value": "Fuji-16.9.5" + }, + { + "version_affected": "=", + "version_value": "Denali-16.3.3" + }, + { + "version_affected": "=", + "version_value": "Denali-16.3.9" + }, + { + "version_affected": "=", + "version_value": "Denali-16.3.7" + }, + { + "version_affected": "=", + "version_value": "Denali-16.3.5" + }, + { + "version_affected": "=", + "version_value": "Denali-16.3.4" + }, + { + "version_affected": "=", + "version_value": "Everest-16.6.3" + }, + { + "version_affected": "=", + "version_value": "Everest-16.6.4" + }, + { + "version_affected": "=", + "version_value": "Everest-16.6.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM" + } + ] + }, + "source": { + "advisory": "cisco-sa-snort-ftd-zXYtnjOM", + "discovery": "INTERNAL", + "defects": [ + "CSCwb69096", + "CSCwd83613", + "CSCwd09631", + "CSCwe02137", + "CSCwe57521" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 5.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20083.json b/2023/20xxx/CVE-2023-20083.json index c5b29d0674d..6afaf1e452c 100644 --- a/2023/20xxx/CVE-2023-20083.json +++ b/2023/20xxx/CVE-2023-20083.json @@ -1,17 +1,377 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20083", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.4.0.17" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftd-icmpv6-dos-4eMkLuN", + "discovery": "INTERNAL", + "defects": [ + "CSCwc20635" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20095.json b/2023/20xxx/CVE-2023-20095.json index 4dde9cfdb32..06ddddf7a64 100644 --- a/2023/20xxx/CVE-2023-20095.json +++ b/2023/20xxx/CVE-2023-20095.json @@ -1,17 +1,820 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20095", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.8.1" + }, + { + "version_affected": "=", + "version_value": "9.8.1.5" + }, + { + "version_affected": "=", + "version_value": "9.8.1.7" + }, + { + "version_affected": "=", + "version_value": "9.8.2" + }, + { + "version_affected": "=", + "version_value": "9.8.2.8" + }, + { + "version_affected": "=", + "version_value": "9.8.2.14" + }, + { + "version_affected": "=", + "version_value": "9.8.2.15" + }, + { + "version_affected": "=", + "version_value": "9.8.2.17" + }, + { + "version_affected": "=", + "version_value": "9.8.2.20" + }, + { + "version_affected": "=", + "version_value": "9.8.2.24" + }, + { + "version_affected": "=", + "version_value": "9.8.2.26" + }, + { + "version_affected": "=", + "version_value": "9.8.2.28" + }, + { + "version_affected": "=", + "version_value": "9.8.2.33" + }, + { + "version_affected": "=", + "version_value": "9.8.2.35" + }, + { + "version_affected": "=", + "version_value": "9.8.2.38" + }, + { + "version_affected": "=", + "version_value": "9.8.3.8" + }, + { + "version_affected": "=", + "version_value": "9.8.3.11" + }, + { + "version_affected": "=", + "version_value": "9.8.3.14" + }, + { + "version_affected": "=", + "version_value": "9.8.3.16" + }, + { + "version_affected": "=", + "version_value": "9.8.3.18" + }, + { + "version_affected": "=", + "version_value": "9.8.3.21" + }, + { + "version_affected": "=", + "version_value": "9.8.3" + }, + { + "version_affected": "=", + "version_value": "9.8.3.26" + }, + { + "version_affected": "=", + "version_value": "9.8.3.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4" + }, + { + "version_affected": "=", + "version_value": "9.8.4.3" + }, + { + "version_affected": "=", + "version_value": "9.8.4.7" + }, + { + "version_affected": "=", + "version_value": "9.8.4.8" + }, + { + "version_affected": "=", + "version_value": "9.8.4.10" + }, + { + "version_affected": "=", + "version_value": "9.8.4.12" + }, + { + "version_affected": "=", + "version_value": "9.8.4.15" + }, + { + "version_affected": "=", + "version_value": "9.8.4.17" + }, + { + "version_affected": "=", + "version_value": "9.8.4.25" + }, + { + "version_affected": "=", + "version_value": "9.8.4.20" + }, + { + "version_affected": "=", + "version_value": "9.8.4.22" + }, + { + "version_affected": "=", + "version_value": "9.8.4.26" + }, + { + "version_affected": "=", + "version_value": "9.8.4.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4.32" + }, + { + "version_affected": "=", + "version_value": "9.8.4.33" + }, + { + "version_affected": "=", + "version_value": "9.8.4.34" + }, + { + "version_affected": "=", + "version_value": "9.8.4.35" + }, + { + "version_affected": "=", + "version_value": "9.8.4.39" + }, + { + "version_affected": "=", + "version_value": "9.8.4.40" + }, + { + "version_affected": "=", + "version_value": "9.8.4.41" + }, + { + "version_affected": "=", + "version_value": "9.8.4.43" + }, + { + "version_affected": "=", + "version_value": "9.8.4.44" + }, + { + "version_affected": "=", + "version_value": "9.8.4.45" + }, + { + "version_affected": "=", + "version_value": "9.12.1" + }, + { + "version_affected": "=", + "version_value": "9.12.1.2" + }, + { + "version_affected": "=", + "version_value": "9.12.1.3" + }, + { + "version_affected": "=", + "version_value": "9.12.2" + }, + { + "version_affected": "=", + "version_value": "9.12.2.4" + }, + { + "version_affected": "=", + "version_value": "9.12.2.5" + }, + { + "version_affected": "=", + "version_value": "9.12.2.9" + }, + { + "version_affected": "=", + "version_value": "9.12.3" + }, + { + "version_affected": "=", + "version_value": "9.12.3.2" + }, + { + "version_affected": "=", + "version_value": "9.12.3.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4" + }, + { + "version_affected": "=", + "version_value": "9.12.3.12" + }, + { + "version_affected": "=", + "version_value": "9.12.3.9" + }, + { + "version_affected": "=", + "version_value": "9.12.2.1" + }, + { + "version_affected": "=", + "version_value": "9.12.4.2" + }, + { + "version_affected": "=", + "version_value": "9.12.4.4" + }, + { + "version_affected": "=", + "version_value": "9.12.4.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4.10" + }, + { + "version_affected": "=", + "version_value": "9.12.4.13" + }, + { + "version_affected": "=", + "version_value": "9.12.4.8" + }, + { + "version_affected": "=", + "version_value": "9.12.4.18" + }, + { + "version_affected": "=", + "version_value": "9.12.4.24" + }, + { + "version_affected": "=", + "version_value": "9.12.4.26" + }, + { + "version_affected": "=", + "version_value": "9.12.4.29" + }, + { + "version_affected": "=", + "version_value": "9.12.4.30" + }, + { + "version_affected": "=", + "version_value": "9.12.4.35" + }, + { + "version_affected": "=", + "version_value": "9.12.4.37" + }, + { + "version_affected": "=", + "version_value": "9.12.4.38" + }, + { + "version_affected": "=", + "version_value": "9.12.4.39" + }, + { + "version_affected": "=", + "version_value": "9.12.4.40" + }, + { + "version_affected": "=", + "version_value": "9.12.4.41" + }, + { + "version_affected": "=", + "version_value": "9.14.1" + }, + { + "version_affected": "=", + "version_value": "9.14.1.10" + }, + { + "version_affected": "=", + "version_value": "9.14.1.6" + }, + { + "version_affected": "=", + "version_value": "9.14.1.15" + }, + { + "version_affected": "=", + "version_value": "9.14.1.19" + }, + { + "version_affected": "=", + "version_value": "9.14.1.30" + }, + { + "version_affected": "=", + "version_value": "9.14.2" + }, + { + "version_affected": "=", + "version_value": "9.14.2.4" + }, + { + "version_affected": "=", + "version_value": "9.14.2.8" + }, + { + "version_affected": "=", + "version_value": "9.14.2.13" + }, + { + "version_affected": "=", + "version_value": "9.14.2.15" + }, + { + "version_affected": "=", + "version_value": "9.14.3" + }, + { + "version_affected": "=", + "version_value": "9.14.3.1" + }, + { + "version_affected": "=", + "version_value": "9.14.3.9" + }, + { + "version_affected": "=", + "version_value": "9.14.3.11" + }, + { + "version_affected": "=", + "version_value": "9.14.3.13" + }, + { + "version_affected": "=", + "version_value": "9.14.3.18" + }, + { + "version_affected": "=", + "version_value": "9.14.3.15" + }, + { + "version_affected": "=", + "version_value": "9.14.4" + }, + { + "version_affected": "=", + "version_value": "9.14.4.6" + }, + { + "version_affected": "=", + "version_value": "9.14.4.7" + }, + { + "version_affected": "=", + "version_value": "9.15.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.7" + }, + { + "version_affected": "=", + "version_value": "9.15.1.10" + }, + { + "version_affected": "=", + "version_value": "9.15.1.15" + }, + { + "version_affected": "=", + "version_value": "9.15.1.16" + }, + { + "version_affected": "=", + "version_value": "9.15.1.17" + }, + { + "version_affected": "=", + "version_value": "9.15.1.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.21" + }, + { + "version_affected": "=", + "version_value": "9.16.1" + }, + { + "version_affected": "=", + "version_value": "9.16.1.28" + }, + { + "version_affected": "=", + "version_value": "9.16.2" + }, + { + "version_affected": "=", + "version_value": "9.16.2.3" + }, + { + "version_affected": "=", + "version_value": "9.16.2.7" + }, + { + "version_affected": "=", + "version_value": "9.16.2.11" + }, + { + "version_affected": "=", + "version_value": "9.16.2.13" + }, + { + "version_affected": "=", + "version_value": "9.16.2.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.14" + }, + { + "version_affected": "=", + "version_value": "9.17.1" + }, + { + "version_affected": "=", + "version_value": "9.17.1.7" + }, + { + "version_affected": "=", + "version_value": "9.17.1.9" + }, + { + "version_affected": "=", + "version_value": "9.18.1" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS" + } + ] + }, + "source": { + "advisory": "cisco-sa-asa-webvpn-dos-3GhZQBAS", + "discovery": "INTERNAL", + "defects": [ + "CSCwb63827" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20170.json b/2023/20xxx/CVE-2023-20170.json index 86dc35609f4..600141c3cfe 100644 --- a/2023/20xxx/CVE-2023-20170.json +++ b/2023/20xxx/CVE-2023-20170.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20170", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-injection-QeXegrCw", + "discovery": "INTERNAL", + "defects": [ + "CSCwd41220" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20175.json b/2023/20xxx/CVE-2023-20175.json index 31a2ee5ca00..1bfebd7666f 100644 --- a/2023/20xxx/CVE-2023-20175.json +++ b/2023/20xxx/CVE-2023-20175.json @@ -1,17 +1,229 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20175", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.6.0" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p1" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p2" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p3" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p5" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p6" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p7" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p8" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p9" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p10" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p11" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p12" + }, + { + "version_affected": "=", + "version_value": "2.7.0" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p1" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p2" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p3" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p4" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p5" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p6" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p7" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p9" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p6" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p7" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-injection-QeXegrCw", + "discovery": "INTERNAL", + "defects": [ + "CSCwd07353" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20196.json b/2023/20xxx/CVE-2023-20196.json index efbb7bee87c..3aa64aca4fb 100644 --- a/2023/20xxx/CVE-2023-20196.json +++ b/2023/20xxx/CVE-2023-20196.json @@ -1,17 +1,245 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20196", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.6.0" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p1" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p2" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p3" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p5" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p6" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p7" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p8" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p9" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p10" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p11" + }, + { + "version_affected": "=", + "version_value": "2.6.0 p12" + }, + { + "version_affected": "=", + "version_value": "2.7.0" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p1" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p2" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p3" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p4" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p5" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p6" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p7" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p9" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p6" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p7" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p6" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p7" + }, + { + "version_affected": "=", + "version_value": "3.2.0" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-file-upload-FceLP4xs", + "discovery": "INTERNAL", + "defects": [ + "CSCwd93720" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" } ] } diff --git a/2023/20xxx/CVE-2023-20219.json b/2023/20xxx/CVE-2023-20219.json index 2b930a4a724..9854deda2d0 100644 --- a/2023/20xxx/CVE-2023-20219.json +++ b/2023/20xxx/CVE-2023-20219.json @@ -1,17 +1,197 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20219", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Management Center", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.2.3.1" + }, + { + "version_affected": "=", + "version_value": "7.2.4" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX" + } + ] + }, + "source": { + "advisory": "cisco-sa-fmc-cmdinj-bTEgufOX", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf63210" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20220.json b/2023/20xxx/CVE-2023-20220.json index ae3ab211199..cc34a15b11a 100644 --- a/2023/20xxx/CVE-2023-20220.json +++ b/2023/20xxx/CVE-2023-20220.json @@ -1,17 +1,381 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20220", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device credentials, but does not need Administrator privileges. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device, including on the underlying operating system, which could also affect the availability of the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Management Center", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.2.3.1" + }, + { + "version_affected": "=", + "version_value": "7.2.4" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX" + } + ] + }, + "source": { + "advisory": "cisco-sa-fmc-cmdinj-bTEgufOX", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf63215" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" } ] } diff --git a/2023/20xxx/CVE-2023-20246.json b/2023/20xxx/CVE-2023-20246.json index b1d7d690882..2d29eebaf12 100644 --- a/2023/20xxx/CVE-2023-20246.json +++ b/2023/20xxx/CVE-2023-20246.json @@ -1,17 +1,129 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20246", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + }, + { + "product_name": "Cisco Umbrella Insights Virtual Appliance", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftd-snort3acp-bypass-3bdR2BEh", + "discovery": "INTERNAL", + "defects": [ + "CSCwe15280", + "CSCwe83859" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 5.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20247.json b/2023/20xxx/CVE-2023-20247.json index fbda58babff..6e3cc17e2a3 100644 --- a/2023/20xxx/CVE-2023-20247.json +++ b/2023/20xxx/CVE-2023-20247.json @@ -1,17 +1,1044 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20247", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.8.1" + }, + { + "version_affected": "=", + "version_value": "9.8.1.5" + }, + { + "version_affected": "=", + "version_value": "9.8.1.7" + }, + { + "version_affected": "=", + "version_value": "9.8.2" + }, + { + "version_affected": "=", + "version_value": "9.8.2.8" + }, + { + "version_affected": "=", + "version_value": "9.8.2.14" + }, + { + "version_affected": "=", + "version_value": "9.8.2.15" + }, + { + "version_affected": "=", + "version_value": "9.8.2.17" + }, + { + "version_affected": "=", + "version_value": "9.8.2.20" + }, + { + "version_affected": "=", + "version_value": "9.8.2.24" + }, + { + "version_affected": "=", + "version_value": "9.8.2.26" + }, + { + "version_affected": "=", + "version_value": "9.8.2.28" + }, + { + "version_affected": "=", + "version_value": "9.8.2.33" + }, + { + "version_affected": "=", + "version_value": "9.8.2.35" + }, + { + "version_affected": "=", + "version_value": "9.8.2.38" + }, + { + "version_affected": "=", + "version_value": "9.8.3.8" + }, + { + "version_affected": "=", + "version_value": "9.8.3.11" + }, + { + "version_affected": "=", + "version_value": "9.8.3.14" + }, + { + "version_affected": "=", + "version_value": "9.8.3.16" + }, + { + "version_affected": "=", + "version_value": "9.8.3.18" + }, + { + "version_affected": "=", + "version_value": "9.8.3.21" + }, + { + "version_affected": "=", + "version_value": "9.8.3" + }, + { + "version_affected": "=", + "version_value": "9.8.3.26" + }, + { + "version_affected": "=", + "version_value": "9.8.3.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4" + }, + { + "version_affected": "=", + "version_value": "9.8.4.3" + }, + { + "version_affected": "=", + "version_value": "9.8.4.7" + }, + { + "version_affected": "=", + "version_value": "9.8.4.8" + }, + { + "version_affected": "=", + "version_value": "9.8.4.10" + }, + { + "version_affected": "=", + "version_value": "9.8.4.12" + }, + { + "version_affected": "=", + "version_value": "9.8.4.15" + }, + { + "version_affected": "=", + "version_value": "9.8.4.17" + }, + { + "version_affected": "=", + "version_value": "9.8.4.25" + }, + { + "version_affected": "=", + "version_value": "9.8.4.20" + }, + { + "version_affected": "=", + "version_value": "9.8.4.22" + }, + { + "version_affected": "=", + "version_value": "9.8.4.26" + }, + { + "version_affected": "=", + "version_value": "9.8.4.29" + }, + { + "version_affected": "=", + "version_value": "9.8.4.32" + }, + { + "version_affected": "=", + "version_value": "9.8.4.33" + }, + { + "version_affected": "=", + "version_value": "9.8.4.34" + }, + { + "version_affected": "=", + "version_value": "9.8.4.35" + }, + { + "version_affected": "=", + "version_value": "9.8.4.39" + }, + { + "version_affected": "=", + "version_value": "9.8.4.40" + }, + { + "version_affected": "=", + "version_value": "9.8.4.41" + }, + { + "version_affected": "=", + "version_value": "9.8.4.43" + }, + { + "version_affected": "=", + "version_value": "9.8.4.44" + }, + { + "version_affected": "=", + "version_value": "9.8.4.45" + }, + { + "version_affected": "=", + "version_value": "9.8.4.46" + }, + { + "version_affected": "=", + "version_value": "9.8.4.48" + }, + { + "version_affected": "=", + "version_value": "9.12.1" + }, + { + "version_affected": "=", + "version_value": "9.12.1.2" + }, + { + "version_affected": "=", + "version_value": "9.12.1.3" + }, + { + "version_affected": "=", + "version_value": "9.12.2" + }, + { + "version_affected": "=", + "version_value": "9.12.2.4" + }, + { + "version_affected": "=", + "version_value": "9.12.2.5" + }, + { + "version_affected": "=", + "version_value": "9.12.2.9" + }, + { + "version_affected": "=", + "version_value": "9.12.3" + }, + { + "version_affected": "=", + "version_value": "9.12.3.2" + }, + { + "version_affected": "=", + "version_value": "9.12.3.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4" + }, + { + "version_affected": "=", + "version_value": "9.12.3.12" + }, + { + "version_affected": "=", + "version_value": "9.12.3.9" + }, + { + "version_affected": "=", + "version_value": "9.12.2.1" + }, + { + "version_affected": "=", + "version_value": "9.12.4.2" + }, + { + "version_affected": "=", + "version_value": "9.12.4.4" + }, + { + "version_affected": "=", + "version_value": "9.12.4.7" + }, + { + "version_affected": "=", + "version_value": "9.12.4.10" + }, + { + "version_affected": "=", + "version_value": "9.12.4.13" + }, + { + "version_affected": "=", + "version_value": "9.12.4.8" + }, + { + "version_affected": "=", + "version_value": "9.12.4.18" + }, + { + "version_affected": "=", + "version_value": "9.12.4.24" + }, + { + "version_affected": "=", + "version_value": "9.12.4.26" + }, + { + "version_affected": "=", + "version_value": "9.12.4.29" + }, + { + "version_affected": "=", + "version_value": "9.12.4.30" + }, + { + "version_affected": "=", + "version_value": "9.12.4.35" + }, + { + "version_affected": "=", + "version_value": "9.12.4.37" + }, + { + "version_affected": "=", + "version_value": "9.12.4.38" + }, + { + "version_affected": "=", + "version_value": "9.12.4.39" + }, + { + "version_affected": "=", + "version_value": "9.12.4.40" + }, + { + "version_affected": "=", + "version_value": "9.12.4.41" + }, + { + "version_affected": "=", + "version_value": "9.12.4.47" + }, + { + "version_affected": "=", + "version_value": "9.12.4.48" + }, + { + "version_affected": "=", + "version_value": "9.12.4.50" + }, + { + "version_affected": "=", + "version_value": "9.12.4.52" + }, + { + "version_affected": "=", + "version_value": "9.12.4.54" + }, + { + "version_affected": "=", + "version_value": "9.12.4.55" + }, + { + "version_affected": "=", + "version_value": "9.12.4.56" + }, + { + "version_affected": "=", + "version_value": "9.12.4.58" + }, + { + "version_affected": "=", + "version_value": "9.14.1" + }, + { + "version_affected": "=", + "version_value": "9.14.1.10" + }, + { + "version_affected": "=", + "version_value": "9.14.1.6" + }, + { + "version_affected": "=", + "version_value": "9.14.1.15" + }, + { + "version_affected": "=", + "version_value": "9.14.1.19" + }, + { + "version_affected": "=", + "version_value": "9.14.1.30" + }, + { + "version_affected": "=", + "version_value": "9.14.2" + }, + { + "version_affected": "=", + "version_value": "9.14.2.4" + }, + { + "version_affected": "=", + "version_value": "9.14.2.8" + }, + { + "version_affected": "=", + "version_value": "9.14.2.13" + }, + { + "version_affected": "=", + "version_value": "9.14.2.15" + }, + { + "version_affected": "=", + "version_value": "9.14.3" + }, + { + "version_affected": "=", + "version_value": "9.14.3.1" + }, + { + "version_affected": "=", + "version_value": "9.14.3.9" + }, + { + "version_affected": "=", + "version_value": "9.14.3.11" + }, + { + "version_affected": "=", + "version_value": "9.14.3.13" + }, + { + "version_affected": "=", + "version_value": "9.14.3.18" + }, + { + "version_affected": "=", + "version_value": "9.14.3.15" + }, + { + "version_affected": "=", + "version_value": "9.14.4" + }, + { + "version_affected": "=", + "version_value": "9.14.4.6" + }, + { + "version_affected": "=", + "version_value": "9.14.4.7" + }, + { + "version_affected": "=", + "version_value": "9.14.4.12" + }, + { + "version_affected": "=", + "version_value": "9.14.4.13" + }, + { + "version_affected": "=", + "version_value": "9.14.4.14" + }, + { + "version_affected": "=", + "version_value": "9.14.4.15" + }, + { + "version_affected": "=", + "version_value": "9.14.4.17" + }, + { + "version_affected": "=", + "version_value": "9.14.4.22" + }, + { + "version_affected": "=", + "version_value": "9.14.4.23" + }, + { + "version_affected": "=", + "version_value": "9.15.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.7" + }, + { + "version_affected": "=", + "version_value": "9.15.1.10" + }, + { + "version_affected": "=", + "version_value": "9.15.1.15" + }, + { + "version_affected": "=", + "version_value": "9.15.1.16" + }, + { + "version_affected": "=", + "version_value": "9.15.1.17" + }, + { + "version_affected": "=", + "version_value": "9.15.1.1" + }, + { + "version_affected": "=", + "version_value": "9.15.1.21" + }, + { + "version_affected": "=", + "version_value": "9.16.1" + }, + { + "version_affected": "=", + "version_value": "9.16.1.28" + }, + { + "version_affected": "=", + "version_value": "9.16.2" + }, + { + "version_affected": "=", + "version_value": "9.16.2.3" + }, + { + "version_affected": "=", + "version_value": "9.16.2.7" + }, + { + "version_affected": "=", + "version_value": "9.16.2.11" + }, + { + "version_affected": "=", + "version_value": "9.16.2.13" + }, + { + "version_affected": "=", + "version_value": "9.16.2.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.3" + }, + { + "version_affected": "=", + "version_value": "9.16.3.14" + }, + { + "version_affected": "=", + "version_value": "9.16.3.15" + }, + { + "version_affected": "=", + "version_value": "9.16.3.19" + }, + { + "version_affected": "=", + "version_value": "9.16.3.23" + }, + { + "version_affected": "=", + "version_value": "9.16.4" + }, + { + "version_affected": "=", + "version_value": "9.16.4.9" + }, + { + "version_affected": "=", + "version_value": "9.16.4.14" + }, + { + "version_affected": "=", + "version_value": "9.16.4.18" + }, + { + "version_affected": "=", + "version_value": "9.16.4.19" + }, + { + "version_affected": "=", + "version_value": "9.17.1" + }, + { + "version_affected": "=", + "version_value": "9.17.1.7" + }, + { + "version_affected": "=", + "version_value": "9.17.1.9" + }, + { + "version_affected": "=", + "version_value": "9.17.1.10" + }, + { + "version_affected": "=", + "version_value": "9.17.1.11" + }, + { + "version_affected": "=", + "version_value": "9.17.1.13" + }, + { + "version_affected": "=", + "version_value": "9.17.1.15" + }, + { + "version_affected": "=", + "version_value": "9.17.1.20" + }, + { + "version_affected": "=", + "version_value": "9.17.1.30" + }, + { + "version_affected": "=", + "version_value": "9.18.1" + }, + { + "version_affected": "=", + "version_value": "9.18.1.3" + }, + { + "version_affected": "=", + "version_value": "9.18.2" + }, + { + "version_affected": "=", + "version_value": "9.18.2.5" + }, + { + "version_affected": "=", + "version_value": "9.18.2.7" + }, + { + "version_affected": "=", + "version_value": "9.18.2.8" + }, + { + "version_affected": "=", + "version_value": "9.18.3" + }, + { + "version_affected": "=", + "version_value": "9.18.3.39" + }, + { + "version_affected": "=", + "version_value": "9.18.3.46" + }, + { + "version_affected": "=", + "version_value": "9.19.1" + }, + { + "version_affected": "=", + "version_value": "9.19.1.5" + }, + { + "version_affected": "=", + "version_value": "9.19.1.9" + }, + { + "version_affected": "=", + "version_value": "9.19.1.12" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.2.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.3.2" + }, + { + "version_affected": "=", + "version_value": "6.2.3.3" + }, + { + "version_affected": "=", + "version_value": "6.2.3.4" + }, + { + "version_affected": "=", + "version_value": "6.2.3.5" + }, + { + "version_affected": "=", + "version_value": "6.2.3.6" + }, + { + "version_affected": "=", + "version_value": "6.2.3.7" + }, + { + "version_affected": "=", + "version_value": "6.2.3.8" + }, + { + "version_affected": "=", + "version_value": "6.2.3.10" + }, + { + "version_affected": "=", + "version_value": "6.2.3.11" + }, + { + "version_affected": "=", + "version_value": "6.2.3.9" + }, + { + "version_affected": "=", + "version_value": "6.2.3.12" + }, + { + "version_affected": "=", + "version_value": "6.2.3.13" + }, + { + "version_affected": "=", + "version_value": "6.2.3.14" + }, + { + "version_affected": "=", + "version_value": "6.2.3.15" + }, + { + "version_affected": "=", + "version_value": "6.2.3.16" + }, + { + "version_affected": "=", + "version_value": "6.2.3.17" + }, + { + "version_affected": "=", + "version_value": "6.2.3.18" + }, + { + "version_affected": "=", + "version_value": "6.6.0" + }, + { + "version_affected": "=", + "version_value": "6.6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.6.1" + }, + { + "version_affected": "=", + "version_value": "6.6.3" + }, + { + "version_affected": "=", + "version_value": "6.6.4" + }, + { + "version_affected": "=", + "version_value": "6.6.5" + }, + { + "version_affected": "=", + "version_value": "6.6.5.1" + }, + { + "version_affected": "=", + "version_value": "6.6.5.2" + }, + { + "version_affected": "=", + "version_value": "6.6.7" + }, + { + "version_affected": "=", + "version_value": "6.6.7.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0" + }, + { + "version_affected": "=", + "version_value": "6.4.0.1" + }, + { + "version_affected": "=", + "version_value": "6.4.0.3" + }, + { + "version_affected": "=", + "version_value": "6.4.0.2" + }, + { + "version_affected": "=", + "version_value": "6.4.0.4" + }, + { + "version_affected": "=", + "version_value": "6.4.0.5" + }, + { + "version_affected": "=", + "version_value": "6.4.0.6" + }, + { + "version_affected": "=", + "version_value": "6.4.0.7" + }, + { + "version_affected": "=", + "version_value": "6.4.0.8" + }, + { + "version_affected": "=", + "version_value": "6.4.0.9" + }, + { + "version_affected": "=", + "version_value": "6.4.0.10" + }, + { + "version_affected": "=", + "version_value": "6.4.0.11" + }, + { + "version_affected": "=", + "version_value": "6.4.0.12" + }, + { + "version_affected": "=", + "version_value": "6.4.0.13" + }, + { + "version_affected": "=", + "version_value": "6.4.0.14" + }, + { + "version_affected": "=", + "version_value": "6.4.0.15" + }, + { + "version_affected": "=", + "version_value": "6.4.0.16" + }, + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.2.4" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT" + } + ] + }, + "source": { + "advisory": "cisco-sa-asaftd-multi-cert-dzA3h5PT", + "discovery": "INTERNAL", + "defects": [ + "CSCwe20918" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20255.json b/2023/20xxx/CVE-2023-20255.json index 755e4d5ab94..39f4b14d3c3 100644 --- a/2023/20xxx/CVE-2023-20255.json +++ b/2023/20xxx/CVE-2023-20255.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20255", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause a partial availability condition, which could cause ongoing video calls to be dropped due to the invalid packets reaching the Web Bridge." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Meeting Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-segfault-G6ES4Ve8", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-segfault-G6ES4Ve8" + } + ] + }, + "source": { + "advisory": "cisco-sa-cms-segfault-G6ES4Ve8", + "discovery": "INTERNAL", + "defects": [ + "CSCwb34458", + "CSCwc01047" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" } ] } diff --git a/2023/20xxx/CVE-2023-20264.json b/2023/20xxx/CVE-2023-20264.json index b70dbd403c3..dad8e677f7f 100644 --- a/2023/20xxx/CVE-2023-20264.json +++ b/2023/20xxx/CVE-2023-20264.json @@ -1,17 +1,148 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20264", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.18.1" + }, + { + "version_affected": "=", + "version_value": "9.18.1.3" + }, + { + "version_affected": "=", + "version_value": "9.18.2" + }, + { + "version_affected": "=", + "version_value": "9.18.2.5" + }, + { + "version_affected": "=", + "version_value": "9.18.2.7" + }, + { + "version_affected": "=", + "version_value": "9.18.2.8" + }, + { + "version_affected": "=", + "version_value": "9.18.3" + }, + { + "version_affected": "=", + "version_value": "9.18.3.39" + }, + { + "version_affected": "=", + "version_value": "9.18.3.46" + }, + { + "version_affected": "=", + "version_value": "9.19.1.5" + }, + { + "version_affected": "=", + "version_value": "9.19.1.9" + }, + { + "version_affected": "=", + "version_value": "9.19.1.12" + } + ] + } + }, + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.2.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz" + } + ] + }, + "source": { + "advisory": "cisco-sa-asaftd-saml-hijack-ttuQfyz", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf85757" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/20xxx/CVE-2023-20267.json b/2023/20xxx/CVE-2023-20267.json index 6826eb167cf..a5c76a8ce19 100644 --- a/2023/20xxx/CVE-2023-20267.json +++ b/2023/20xxx/CVE-2023-20267.json @@ -1,17 +1,189 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-20267", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.7.0" + }, + { + "version_affected": "=", + "version_value": "6.7.0.1" + }, + { + "version_affected": "=", + "version_value": "6.7.0.2" + }, + { + "version_affected": "=", + "version_value": "6.7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.0" + }, + { + "version_affected": "=", + "version_value": "7.0.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1" + }, + { + "version_affected": "=", + "version_value": "7.0.1.1" + }, + { + "version_affected": "=", + "version_value": "7.0.2" + }, + { + "version_affected": "=", + "version_value": "7.0.2.1" + }, + { + "version_affected": "=", + "version_value": "7.0.3" + }, + { + "version_affected": "=", + "version_value": "7.0.4" + }, + { + "version_affected": "=", + "version_value": "7.0.5" + }, + { + "version_affected": "=", + "version_value": "7.1.0" + }, + { + "version_affected": "=", + "version_value": "7.1.0.1" + }, + { + "version_affected": "=", + "version_value": "7.1.0.2" + }, + { + "version_affected": "=", + "version_value": "7.1.0.3" + }, + { + "version_affected": "=", + "version_value": "7.2.0" + }, + { + "version_affected": "=", + "version_value": "7.2.0.1" + }, + { + "version_affected": "=", + "version_value": "7.2.1" + }, + { + "version_affected": "=", + "version_value": "7.2.2" + }, + { + "version_affected": "=", + "version_value": "7.2.3" + }, + { + "version_affected": "=", + "version_value": "7.3.0" + }, + { + "version_affected": "=", + "version_value": "7.3.1" + }, + { + "version_affected": "=", + "version_value": "7.3.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn" + } + ] + }, + "source": { + "advisory": "cisco-sa-ftdsnort3sip-bypass-LMz2ThKn", + "discovery": "EXTERNAL", + "defects": [ + "CSCwe69833" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2023/5xxx/CVE-2023-5358.json b/2023/5xxx/CVE-2023-5358.json index fc173d8281d..20399f4bba1 100644 --- a/2023/5xxx/CVE-2023-5358.json +++ b/2023/5xxx/CVE-2023-5358.json @@ -1,18 +1,70 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@devolutions.net", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Devolutions", + "product": { + "product_data": [ + { + "product_name": "Devolutions Server", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2023.2.10.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2023-0019/", + "refsource": "MISC", + "name": "https://devolutions.net/security/advisories/DEVO-2023-0019/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5480.json b/2023/5xxx/CVE-2023-5480.json index 62d1e1e7008..35de003a1a9 100644 --- a/2023/5xxx/CVE-2023-5480.json +++ b/2023/5xxx/CVE-2023-5480.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1492698", + "refsource": "MISC", + "name": "https://crbug.com/1492698" } ] } diff --git a/2023/5xxx/CVE-2023-5482.json b/2023/5xxx/CVE-2023-5482.json index 675829baf11..e90d00f5da7 100644 --- a/2023/5xxx/CVE-2023-5482.json +++ b/2023/5xxx/CVE-2023-5482.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5482", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient data validation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1492381", + "refsource": "MISC", + "name": "https://crbug.com/1492381" } ] } diff --git a/2023/5xxx/CVE-2023-5765.json b/2023/5xxx/CVE-2023-5765.json index 312e66518d2..ef3da5fe770 100644 --- a/2023/5xxx/CVE-2023-5765.json +++ b/2023/5xxx/CVE-2023-5765.json @@ -1,18 +1,70 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5765", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@devolutions.net", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Devolutions", + "product": { + "product_data": [ + { + "product_name": "Remote Desktop Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2023.2.33" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2023-0019/", + "refsource": "MISC", + "name": "https://devolutions.net/security/advisories/DEVO-2023-0019/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5766.json b/2023/5xxx/CVE-2023-5766.json index 5d5c0111355..743c78d2a35 100644 --- a/2023/5xxx/CVE-2023-5766.json +++ b/2023/5xxx/CVE-2023-5766.json @@ -1,18 +1,70 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5766", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@devolutions.net", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\n\nA remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session on the same host via a specially crafted TCP packet.\n\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Devolutions", + "product": { + "product_data": [ + { + "product_name": "Remote Desktop Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2023.2.33" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2023-0019/", + "refsource": "MISC", + "name": "https://devolutions.net/security/advisories/DEVO-2023-0019/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5849.json b/2023/5xxx/CVE-2023-5849.json index 3dad7b36e74..7ebc2791807 100644 --- a/2023/5xxx/CVE-2023-5849.json +++ b/2023/5xxx/CVE-2023-5849.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5849", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer overflow" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1492384", + "refsource": "MISC", + "name": "https://crbug.com/1492384" } ] } diff --git a/2023/5xxx/CVE-2023-5850.json b/2023/5xxx/CVE-2023-5850.json index 3c08217da3a..a8620a46064 100644 --- a/2023/5xxx/CVE-2023-5850.json +++ b/2023/5xxx/CVE-2023-5850.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5850", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect security UI" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1281972", + "refsource": "MISC", + "name": "https://crbug.com/1281972" } ] } diff --git a/2023/5xxx/CVE-2023-5851.json b/2023/5xxx/CVE-2023-5851.json index 5a3b7f960e7..cfc157c05a1 100644 --- a/2023/5xxx/CVE-2023-5851.json +++ b/2023/5xxx/CVE-2023-5851.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5851", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1473957", + "refsource": "MISC", + "name": "https://crbug.com/1473957" } ] } diff --git a/2023/5xxx/CVE-2023-5852.json b/2023/5xxx/CVE-2023-5852.json index f27545e68c6..3a257f683ae 100644 --- a/2023/5xxx/CVE-2023-5852.json +++ b/2023/5xxx/CVE-2023-5852.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5852", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1480852", + "refsource": "MISC", + "name": "https://crbug.com/1480852" } ] } diff --git a/2023/5xxx/CVE-2023-5853.json b/2023/5xxx/CVE-2023-5853.json index 981ad488105..169e5fea62a 100644 --- a/2023/5xxx/CVE-2023-5853.json +++ b/2023/5xxx/CVE-2023-5853.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5853", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect security UI" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1456876", + "refsource": "MISC", + "name": "https://crbug.com/1456876" } ] } diff --git a/2023/5xxx/CVE-2023-5854.json b/2023/5xxx/CVE-2023-5854.json index c3bf77c9357..132e0e7c544 100644 --- a/2023/5xxx/CVE-2023-5854.json +++ b/2023/5xxx/CVE-2023-5854.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5854", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1488267", + "refsource": "MISC", + "name": "https://crbug.com/1488267" } ] } diff --git a/2023/5xxx/CVE-2023-5855.json b/2023/5xxx/CVE-2023-5855.json index 28a123516b2..146b2b0fc5e 100644 --- a/2023/5xxx/CVE-2023-5855.json +++ b/2023/5xxx/CVE-2023-5855.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5855", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1492396", + "refsource": "MISC", + "name": "https://crbug.com/1492396" } ] } diff --git a/2023/5xxx/CVE-2023-5856.json b/2023/5xxx/CVE-2023-5856.json index 0c778a2c2a1..548a11e0ca8 100644 --- a/2023/5xxx/CVE-2023-5856.json +++ b/2023/5xxx/CVE-2023-5856.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5856", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1493380", + "refsource": "MISC", + "name": "https://crbug.com/1493380" } ] } diff --git a/2023/5xxx/CVE-2023-5857.json b/2023/5xxx/CVE-2023-5857.json index c0e8aa65cad..54464b167c0 100644 --- a/2023/5xxx/CVE-2023-5857.json +++ b/2023/5xxx/CVE-2023-5857.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5857", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1493435", + "refsource": "MISC", + "name": "https://crbug.com/1493435" } ] } diff --git a/2023/5xxx/CVE-2023-5858.json b/2023/5xxx/CVE-2023-5858.json index c3d9f03d68f..f7921fa02c9 100644 --- a/2023/5xxx/CVE-2023-5858.json +++ b/2023/5xxx/CVE-2023-5858.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5858", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1457704", + "refsource": "MISC", + "name": "https://crbug.com/1457704" } ] } diff --git a/2023/5xxx/CVE-2023-5859.json b/2023/5xxx/CVE-2023-5859.json index 96ce8e190f2..cc66e327f6d 100644 --- a/2023/5xxx/CVE-2023-5859.json +++ b/2023/5xxx/CVE-2023-5859.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5859", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect security UI" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "119.0.6045.105", + "version_value": "119.0.6045.105" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html" + }, + { + "url": "https://crbug.com/1482045", + "refsource": "MISC", + "name": "https://crbug.com/1482045" } ] } diff --git a/2024/0xxx/CVE-2024-0001.json b/2024/0xxx/CVE-2024-0001.json new file mode 100644 index 00000000000..5cf87423545 --- /dev/null +++ b/2024/0xxx/CVE-2024-0001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0002.json b/2024/0xxx/CVE-2024-0002.json new file mode 100644 index 00000000000..fd7453765ef --- /dev/null +++ b/2024/0xxx/CVE-2024-0002.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0002", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0003.json b/2024/0xxx/CVE-2024-0003.json new file mode 100644 index 00000000000..d70caa19047 --- /dev/null +++ b/2024/0xxx/CVE-2024-0003.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0003", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0004.json b/2024/0xxx/CVE-2024-0004.json new file mode 100644 index 00000000000..dfa30d89096 --- /dev/null +++ b/2024/0xxx/CVE-2024-0004.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0004", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0005.json b/2024/0xxx/CVE-2024-0005.json new file mode 100644 index 00000000000..8e8205a5dc5 --- /dev/null +++ b/2024/0xxx/CVE-2024-0005.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0005", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file