"-Synchronized-Data."

CVE Team 2024-02-13 09:00:48 +00:00
parent b9b66cce9e
commit 2c4fd15daf
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
10 changed files with 955 additions and 147 deletions


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V2312"
}
]
}
@ -51,8 +52,21 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1"
"version_affected": "<",
"version_name": "0",
"version_value": "V4.1"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0 SP1"
}
]
}
@ -73,8 +87,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -84,8 +99,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -95,8 +111,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -106,8 +123,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V17 Update 7"
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
}
]
}
@ -117,8 +135,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V18 Update 3"
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 3"
}
]
}
@ -135,6 +154,11 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
},
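Review bot: The three entries rewritten to `"version_affected": "<"` with `"version_value": "*"` (hunks at -73, -84 and -95) express "all versions" as "less than *", which a consumer that compares `version_value` as a version string will not match. Matching logic needs an explicit rule that `*` under `<` means every release is affected and no fixed version exists. The old line numbering also suggests a product entry around line 62 that no hunk touches, so this record may still hold one `"version_value": "All versions"` entry in the old form next to the new one; that is inferred from the hunk offsets, since the product names sit outside the hunks. The same hunk layout repeats in the next two file sections, and the `*` form also appears throughout the CVE-2023-48363 and CVE-2023-48364 records.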


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V2312"
}
]
}
@ -51,8 +52,21 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1"
"version_affected": "<",
"version_name": "0",
"version_value": "V4.1"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0 SP1"
}
]
}
@ -73,8 +87,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -84,8 +99,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -95,8 +111,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -106,8 +123,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V17 Update 7"
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
}
]
}
@ -117,8 +135,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V18 Update 3"
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 3"
}
]
}
@ -135,6 +154,11 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
},


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
"value": "A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI\u00a0/Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "V2312"
}
]
}
@ -51,8 +52,21 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1"
"version_affected": "<",
"version_name": "0",
"version_value": "V4.1"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V2.0 SP1"
}
]
}
@ -73,8 +87,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -84,8 +99,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -95,8 +111,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
@ -106,8 +123,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V17 Update 7"
"version_affected": "<",
"version_name": "0",
"version_value": "V17 Update 7"
}
]
}
@ -117,8 +135,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V18 Update 3"
"version_affected": "<",
"version_name": "0",
"version_value": "V18 Update 3"
}
]
}
@ -135,6 +154,11 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
},


@ -1,17 +1,170 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions), SIMATIC WinCC Runtime Professional V19 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 SP4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "OpenPCS 7 V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC BATCH V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC Route Control V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V19",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V7.5 SP2 Update 15"
}
]
}
},
{
"product_name": "SIMATIC WinCC V8.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0 SP4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}
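Review bot: The new description for CVE-2023-48363 carries escaped `\r\n` sequences in the middle of sentences (`(Remote Procedure call) \r\ncommunication protocol`, `do not \r\nproperly handle`), so phrase searches and advisory de-duplication over this text will miss it. The record for CVE-2023-48364 in the next section has the same sentence on one line, with "malformed" where this one says "unorganized"; apart from that word the two records share products, CWE, CVSS vector and reference, so nothing visible tells a reader how the two issues differ. I would collapse each `\r\n` to a single space and confirm the wording against the linked advisory ssa-753746.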


@ -1,17 +1,170 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions), SIMATIC WinCC Runtime Professional V19 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 SP4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "OpenPCS 7 V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC BATCH V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC Route Control V9.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V19",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V7.5 SP2 Update 15"
}
]
}
},
{
"product_name": "SIMATIC WinCC V8.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0 SP4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}


@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49125",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted files containing XT format. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V35.0.263"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V35.1.252"
}
]
}
},
{
"product_name": "Parasolid V36.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V36.0.198"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}
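Review bot: `problemtype` classifies this record as `CWE-125: Out-of-bounds Read`, while the description states the flaw could allow code execution and the vector scores `C:H/I:H/A:H`. Triage rules keyed on `cweId` alone would treat this as a read-only memory disclosure and under-rank it; prioritise on `baseSeverity` (`HIGH`, 7.8) and the vector instead. Note also that `vectorString` includes the temporal metrics `E:P/RL:O/RC:C`, whereas `baseScore` covers the base metrics only, so a consumer that recomputes a score from the full string should expect a different number.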


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V8.0), SCALANCE M804PB (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (All versions < V8.0), SCALANCE M874-2 (All versions < V8.0), SCALANCE M874-3 (All versions < V8.0), SCALANCE M876-3 (EVDO) (All versions < V8.0), SCALANCE M876-3 (ROK) (All versions < V8.0), SCALANCE M876-4 (All versions < V8.0), SCALANCE M876-4 (EU) (All versions < V8.0), SCALANCE M876-4 (NAM) (All versions < V8.0), SCALANCE MUM853-1 (EU) (All versions < V8.0), SCALANCE MUM856-1 (EU) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (All versions < V8.0), SCALANCE S615 (All versions < V8.0), SCALANCE S615 EEC (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V8.0), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. 
This could allow malicious local administrators to issue commands on system level after a successful IP address update."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -51,8 +52,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -62,8 +64,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -73,8 +76,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -84,8 +88,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -95,8 +100,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -106,8 +112,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -117,8 +124,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -128,8 +136,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -139,8 +148,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -150,8 +160,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -161,8 +172,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -172,8 +184,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -183,8 +196,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -194,8 +208,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -205,8 +220,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -216,8 +232,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -227,8 +244,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -238,8 +256,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
@ -249,8 +268,81 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V8.0"
"version_affected": "<",
"version_name": "0",
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
@ -267,6 +359,16 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html"
}
]
},
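Review bot: The rewritten description value appears to break across two lines after `DDNS configuration. `, with `This could allow malicious local administrators` starting a new line inside the string. If that is a literal line feed in the file rather than an escaped `\n`, strict JSON parsers will reject the record; if it is an escape that the page rendered, the text still gains a stray break in the middle of the paragraph. Either way I would join it with a single space, as in `DDNS configuration. This could allow`. The following file section shows the same break after `IPSEC configuration. `.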


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2.2), SCALANCE M804PB (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2.2), SCALANCE M874-2 (All versions < V7.2.2), SCALANCE M874-3 (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (All versions < V7.2.2), SCALANCE M876-4 (All versions < V7.2.2), SCALANCE M876-4 (EU) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2.2), SCALANCE S615 (All versions < V7.2.2), SCALANCE S615 EEC (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. 
This could allow malicious local administrators to issue commands on system level after a new connection is established."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -51,8 +52,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -62,8 +64,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -73,8 +76,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -84,8 +88,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -95,8 +100,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -106,8 +112,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -117,8 +124,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -128,8 +136,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -139,8 +148,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -150,8 +160,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -161,8 +172,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -172,8 +184,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -183,8 +196,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -194,8 +208,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -205,8 +220,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -216,8 +232,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -227,8 +244,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -238,8 +256,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
@ -249,8 +268,81 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V7.2.2"
"version_affected": "<",
"version_name": "0",
"version_value": "V7.2.2"
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "V3.0.2"
}
]
}
@ -267,6 +359,16 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html"
}
]
},


@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50236",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Polarion ALM (All versions). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\\SYSTEM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions",
"cweId": "CWE-276"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Polarion ALM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-871717.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-871717.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}
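Review bot: The affected-version entry for Polarion ALM stores its range as free text, `"version_affected": "="` with `"version_value": "All versions"`, which a version matcher is likely to compare as a literal string and so never match an installed release. The earlier file in this same commit moves away from that style to a structured bound (`"version_affected": "<"`, `"version_name": "0"`, `"version_value": "V7.2.2"`), so records in one sync now encode ranges in two different ways. If the upstream record can express it, an unbounded structured range such as `"version_affected": "<", "version_name": "0", "version_value": "*"` would keep automated inventory matching working; until then consumers need to special-case the string. The four product entries in the CVE-2023-51440 section that follows use the same encoding.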


@ -1,17 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51440",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-940: Improper Verification of Source of a Communication Channel",
"cweId": "CWE-940"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SIMATIC CP 343-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC CP 343-1 Lean",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIPLUS NET CP 343-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIPLUS NET CP 343-1 Lean",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}
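Review bot: `vectorString` in the `impact.cvss` entry carries temporal metrics (`E:P/RL:T/RC:C`), but the record stores only `baseScore` 7.5 and `baseSeverity`, so a consumer that recomputes the score from the full string gets a temporal value that does not match the stored one. Either keep the string to the base metrics, `"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"`, or have validators strip the temporal suffix before comparing. The CVE-2023-50236 section above has the same shape, with `E:P/RL:O/RC:C` against a base score of 7.8. These files appear to be synchronized from the CNA's submission, so the change probably belongs in the upstream record rather than here.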