From 3060cb37aa9c0e4675e3ee05b3bef8e9cc7deff1 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 10 Apr 2024 20:09:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/22xxx/CVE-2024-22423.json | 5 + 2024/24xxx/CVE-2024-24576.json | 5 + 2024/26xxx/CVE-2024-26643.json | 18 ++- 2024/26xxx/CVE-2024-26810.json | 15 +- 2024/26xxx/CVE-2024-26811.json | 35 ++++- 2024/26xxx/CVE-2024-26812.json | 15 +- 2024/26xxx/CVE-2024-26813.json | 15 +- 2024/26xxx/CVE-2024-26814.json | 15 +- 2024/27xxx/CVE-2024-27437.json | 15 +- 2024/29xxx/CVE-2024-29269.json | 56 ++++++- 2024/29xxx/CVE-2024-29500.json | 56 ++++++- 2024/29xxx/CVE-2024-29502.json | 56 ++++++- 2024/31xxx/CVE-2024-31871.json | 84 +++++++++- 2024/31xxx/CVE-2024-31872.json | 84 +++++++++- 2024/31xxx/CVE-2024-31873.json | 84 +++++++++- 2024/31xxx/CVE-2024-31874.json | 84 +++++++++- 2024/31xxx/CVE-2024-31981.json | 104 +++++++++++- 2024/31xxx/CVE-2024-31982.json | 104 +++++++++++- 2024/31xxx/CVE-2024-31983.json | 104 +++++++++++- 2024/31xxx/CVE-2024-31984.json | 119 +++++++++++++- 2024/3xxx/CVE-2024-3283.json | 82 +++++++++- 2024/3xxx/CVE-2024-3382.json | 229 ++++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3383.json | 217 ++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3384.json | 232 ++++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3385.json | 254 +++++++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3386.json | 280 ++++++++++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3387.json | 215 ++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3388.json | 274 +++++++++++++++++++++++++++++++- 2024/3xxx/CVE-2024-3525.json | 100 +++++++++++- 2024/3xxx/CVE-2024-3526.json | 100 +++++++++++- 2024/3xxx/CVE-2024-3566.json | 128 ++++++++++++++- 2024/3xxx/CVE-2024-3633.json | 18 +++ 2024/3xxx/CVE-2024-3634.json | 18 +++ 2024/3xxx/CVE-2024-3635.json | 18 +++ 34 files changed, 3132 insertions(+), 106 deletions(-) create mode 100644 2024/3xxx/CVE-2024-3633.json create mode 100644 2024/3xxx/CVE-2024-3634.json create mode 100644 2024/3xxx/CVE-2024-3635.json diff --git a/2024/22xxx/CVE-2024-22423.json b/2024/22xxx/CVE-2024-22423.json index 5a94a93e01a..3d267f88989 100644 --- a/2024/22xxx/CVE-2024-22423.json +++ b/2024/22xxx/CVE-2024-22423.json @@ -83,6 +83,11 @@ "url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2024.04.09", "refsource": "MISC", "name": "https://github.com/yt-dlp/yt-dlp/releases/tag/2024.04.09" + }, + { + "url": "https://www.kb.cert.org/vuls/id/123335", + "refsource": "MISC", + "name": "https://www.kb.cert.org/vuls/id/123335" } ] }, diff --git a/2024/24xxx/CVE-2024-24576.json b/2024/24xxx/CVE-2024-24576.json index e5ffbf55118..ca46e90cae7 100644 --- a/2024/24xxx/CVE-2024-24576.json +++ b/2024/24xxx/CVE-2024-24576.json @@ -102,6 +102,11 @@ "url": "https://www.rust-lang.org/policies/security", "refsource": "MISC", "name": "https://www.rust-lang.org/policies/security" + }, + { + "url": "https://www.kb.cert.org/vuls/id/123335", + "refsource": "MISC", + "name": "https://www.kb.cert.org/vuls/id/123335" } ] }, diff --git a/2024/26xxx/CVE-2024-26643.json b/2024/26xxx/CVE-2024-26643.json index 42f705e5f5f..a48dbd287b6 100644 --- a/2024/26xxx/CVE-2024-26643.json +++ b/2024/26xxx/CVE-2024-26643.json @@ -38,6 +38,11 @@ "product_name": "Linux", "version": { "version_data": [ + { + "version_affected": "<", + "version_name": "d19e8bf3ea41", + "version_value": "291cca35818b" + }, { "version_affected": "<", "version_name": "ea3eb9f2192e", @@ -62,6 +67,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -101,6 +112,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363" + }, { "url": "https://git.kernel.org/stable/c/406b0241d0eb598a0b330ab20ae325537d8d8163", "refsource": "MISC", @@ -124,6 +140,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/26xxx/CVE-2024-26810.json b/2024/26xxx/CVE-2024-26810.json index 6fe63128cf8..01cce7a8f2e 100644 --- a/2024/26xxx/CVE-2024-26810.json +++ b/2024/26xxx/CVE-2024-26810.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "89e1f7d4c66d", - "version_value": "3fe0ac10bd11" + "version_value": "ec73e0797292" }, { "version_value": "not down converted", @@ -57,6 +57,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -102,6 +108,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/ec73e079729258a05452356cf6d098bf1504d5a6", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ec73e079729258a05452356cf6d098bf1504d5a6" + }, { "url": "https://git.kernel.org/stable/c/3fe0ac10bd117df847c93408a9d428a453cd60e5", "refsource": "MISC", @@ -130,6 +141,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/26xxx/CVE-2024-26811.json b/2024/26xxx/CVE-2024-26811.json index 1c7d7d420f8..bbd6fae7e31 100644 --- a/2024/26xxx/CVE-2024-26811.json +++ b/2024/26xxx/CVE-2024-26811.json @@ -41,12 +41,30 @@ { "version_affected": "<", "version_name": "1da177e4c3f4", - "version_value": "a677ebd8ca2f" + "version_value": "51a6c2af9d20" }, { "version_value": "not down converted", "x_cve_json_5_version_data": { "versions": [ + { + "version": "6.1.85", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.26", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.5", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.9-rc3", "lessThanOrEqual": "*", @@ -68,6 +86,21 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/51a6c2af9d20203ddeeaf73314ba8854b38d01bd", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/51a6c2af9d20203ddeeaf73314ba8854b38d01bd" + }, + { + "url": "https://git.kernel.org/stable/c/a637fabac554270a851033f5ab402ecb90bc479c", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/a637fabac554270a851033f5ab402ecb90bc479c" + }, + { + "url": "https://git.kernel.org/stable/c/76af689a45aa44714b46d1a7de4ffdf851ded896", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/76af689a45aa44714b46d1a7de4ffdf851ded896" + }, { "url": "https://git.kernel.org/stable/c/a677ebd8ca2f2632ccdecbad7b87641274e15aac", "refsource": "MISC", diff --git a/2024/26xxx/CVE-2024-26812.json b/2024/26xxx/CVE-2024-26812.json index f8689359ce8..72b74d87ce9 100644 --- a/2024/26xxx/CVE-2024-26812.json +++ b/2024/26xxx/CVE-2024-26812.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "89e1f7d4c66d", - "version_value": "7d29d4c72c1e" + "version_value": "4cb0d7532126" }, { "version_value": "not down converted", @@ -57,6 +57,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -102,6 +108,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c" + }, { "url": "https://git.kernel.org/stable/c/7d29d4c72c1e196cce6969c98072a272d1a703b3", "refsource": "MISC", @@ -130,6 +141,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/26xxx/CVE-2024-26813.json b/2024/26xxx/CVE-2024-26813.json index 9b6fa7100f2..19f6f70ab4d 100644 --- a/2024/26xxx/CVE-2024-26813.json +++ b/2024/26xxx/CVE-2024-26813.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "57f972e2b341", - "version_value": "7932db06c82c" + "version_value": "cc5838f19d39" }, { "version_value": "not down converted", @@ -57,6 +57,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -102,6 +108,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/cc5838f19d39a5fef04c468199699d2a4578be3a", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/cc5838f19d39a5fef04c468199699d2a4578be3a" + }, { "url": "https://git.kernel.org/stable/c/7932db06c82c5b2f42a4d1a849d97dba9ce4a362", "refsource": "MISC", @@ -130,6 +141,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/26xxx/CVE-2024-26814.json b/2024/26xxx/CVE-2024-26814.json index d741430d22e..091338187da 100644 --- a/2024/26xxx/CVE-2024-26814.json +++ b/2024/26xxx/CVE-2024-26814.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "cc0ee20bd969", - "version_value": "083e750c9f5f" + "version_value": "250219c6a556" }, { "version_value": "not down converted", @@ -57,6 +57,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -102,6 +108,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/250219c6a556f8c69c5910fca05a59037e24147d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/250219c6a556f8c69c5910fca05a59037e24147d" + }, { "url": "https://git.kernel.org/stable/c/083e750c9f5f4c3bf61161330fb84d7c8e8bb417", "refsource": "MISC", @@ -130,6 +141,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/27xxx/CVE-2024-27437.json b/2024/27xxx/CVE-2024-27437.json index 9d3d51483d6..bc15b49f534 100644 --- a/2024/27xxx/CVE-2024-27437.json +++ b/2024/27xxx/CVE-2024-27437.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "89e1f7d4c66d", - "version_value": "139dfcc4d723" + "version_value": "b7a2f0955ffc" }, { "version_value": "not down converted", @@ -57,6 +57,12 @@ "status": "unaffected", "versionType": "custom" }, + { + "version": "5.15.154", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", @@ -102,6 +108,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/b7a2f0955ffceffadfe098b40b50307431f45438", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/b7a2f0955ffceffadfe098b40b50307431f45438" + }, { "url": "https://git.kernel.org/stable/c/139dfcc4d723ab13469881200c7d80f49d776060", "refsource": "MISC", @@ -130,6 +141,6 @@ ] }, "generator": { - "engine": "bippy-5f0117140d9a" + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2024/29xxx/CVE-2024-29269.json b/2024/29xxx/CVE-2024-29269.json index 83584da3262..008717486b7 100644 --- a/2024/29xxx/CVE-2024-29269.json +++ b/2024/29xxx/CVE-2024-29269.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29269", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29269", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/wutalent/CVE-2024-29269/blob/main/index.md", + "url": "https://github.com/wutalent/CVE-2024-29269/blob/main/index.md" } ] } diff --git a/2024/29xxx/CVE-2024-29500.json b/2024/29xxx/CVE-2024-29500.json index 0f88049f202..06ff4ddb183 100644 --- a/2024/29xxx/CVE-2024-29500.json +++ b/2024/29xxx/CVE-2024-29500.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29500", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29500", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening", + "refsource": "MISC", + "name": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening" } ] } diff --git a/2024/29xxx/CVE-2024-29502.json b/2024/29xxx/CVE-2024-29502.json index 223d7b806f5..a20615f60c4 100644 --- a/2024/29xxx/CVE-2024-29502.json +++ b/2024/29xxx/CVE-2024-29502.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29502", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29502", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Secure Lockdown Multi Application Edition v2.00.219 allows attackers to read arbitrary files via using UNC paths." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening", + "refsource": "MISC", + "name": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening" } ] } diff --git a/2024/31xxx/CVE-2024-31871.json b/2024/31xxx/CVE-2024-31871.json index 2a042a3a0d1..fcf7dacbeb9 100644 --- a/2024/31xxx/CVE-2024-31871.json +++ b/2024/31xxx/CVE-2024-31871.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31871", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Python scripts due to improper certificate validation. IBM X-Force ID: 287306." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-295 Improper Certificate Validation", + "cweId": "CWE-295" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Appliance", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "10.0.0", + "version_value": "10.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7147932", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7147932" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287306", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287306" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31872.json b/2024/31xxx/CVE-2024-31872.json index 7f478973095..7c0f499255d 100644 --- a/2024/31xxx/CVE-2024-31872.json +++ b/2024/31xxx/CVE-2024-31872.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31872", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation. IBM X-Force ID: 287316." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-599 Missing Validation of OpenSSL Certificate", + "cweId": "CWE-599" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Appliance", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "10.0.0", + "version_value": "10.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7147932", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7147932" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287316", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287316" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31873.json b/2024/31xxx/CVE-2024-31873.json index cefdb6ae6a4..d70f2730cb5 100644 --- a/2024/31xxx/CVE-2024-31873.json +++ b/2024/31xxx/CVE-2024-31873.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31873", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which it uses for its own inbound authentication that could be obtained by a malicious actor. IBM X-Force ID: 287317.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798 Use of Hard-coded Credentials", + "cweId": "CWE-798" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Appliance", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "10.0.0", + "version_value": "10.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7147932", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7147932" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287317", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287317" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31874.json b/2024/31xxx/CVE-2024-31874.json index a4a9f33f663..d1e0078a855 100644 --- a/2024/31xxx/CVE-2024-31874.json +++ b/2024/31xxx/CVE-2024-31874.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Security Verify Access Appliance 10.0.0 through 10.0.7 uses uninitialized variables when deploying that could allow a local user to cause a denial of service. IBM X-Force ID: 287318." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-457 Use of Uninitialized Variable", + "cweId": "CWE-457" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Appliance", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "10.0.0", + "version_value": "10.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7147932", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7147932" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287318", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287318" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31981.json b/2024/31xxx/CVE-2024-31981.json index 616de936ea1..8c1c217316c 100644 --- a/2024/31xxx/CVE-2024-31981.json +++ b/2024/31xxx/CVE-2024-31981.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31981", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, remote code execution is possible via PDF export templates. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10-rc-1. If PDF templates are not typically used on the instance, an administrator can create the document `XWiki.PDFClass` and block its edition, after making sure that it does not contain a `style` attribute. Otherwise, there are no known workarounds aside from upgrading." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862: Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.1, < 14.10.20" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.5.4" + }, + { + "version_affected": "=", + "version_value": ">= 15.6-rc-1, < 15.10-rc-1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vxwr-wpjv-qjq7", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vxwr-wpjv-qjq7" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/a4ad14d9c1605a5ab957237e505ebbb29f5b9d73", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/a4ad14d9c1605a5ab957237e505ebbb29f5b9d73" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/d28e21a670c69880b951e415dd2ddd69d273eae9", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/d28e21a670c69880b951e415dd2ddd69d273eae9" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21337", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21337" + } + ] + }, + "source": { + "advisory": "GHSA-vxwr-wpjv-qjq7", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31982.json b/2024/31xxx/CVE-2024-31982.json index 5d5f9e579b7..b91ca8b4df7 100644 --- a/2024/31xxx/CVE-2024-31982.json +++ b/2024/31xxx/CVE-2024-31982.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31982", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.4-milestone-1, < 14.10.20" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.5.4" + }, + { + "version_affected": "=", + "version_value": ">= 15.6-rc-1, < 15.10-rc-1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2858-8cfx-69m9", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2858-8cfx-69m9" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/3c9e4bb04286de94ad24854026a09fa967538e31", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/3c9e4bb04286de94ad24854026a09fa967538e31" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/459e968be8740c8abc2a168196ce21e5ba93cfb8", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/459e968be8740c8abc2a168196ce21e5ba93cfb8" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/95bdd6cc6298acdf7f8f21298d40eeb8390a8565", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/95bdd6cc6298acdf7f8f21298d40eeb8390a8565" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21472", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21472" + } + ] + }, + "source": { + "advisory": "GHSA-2858-8cfx-69m9", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31983.json b/2024/31xxx/CVE-2024-31983.json index 0442436a492..dd1f196715f 100644 --- a/2024/31xxx/CVE-2024-31983.json +++ b/2024/31xxx/CVE-2024-31983.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31983", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform. In multilingual wikis, translations can be edited by any user who has edit right, circumventing the rights that are normally required for authoring translations (script right for user-scope translations, wiki admin for translations on the wiki). Starting in version 4.3-milestone-2 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, this can be exploited for remote code execution if the translation value is not properly escaped where it is used. This has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may restrict edit rights on documents that contain translations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862: Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 4.3-milestone-2, < 14.10.20" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.5.4" + }, + { + "version_affected": "=", + "version_value": ">= 15.6-rc-1, < 15.10-rc-1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xxp2-9c9g-7wmj", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xxp2-9c9g-7wmj" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/73aef9648bbff04b697837f1b906932f0d5caacb", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/73aef9648bbff04b697837f1b906932f0d5caacb" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/c4c8d61c30de72298d805ccc82df2a307f131c54", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/c4c8d61c30de72298d805ccc82df2a307f131c54" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21411", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21411" + } + ] + }, + "source": { + "advisory": "GHSA-xxp2-9c9g-7wmj", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31984.json b/2024/31xxx/CVE-2024-31984.json index 6d11343285f..b89a5338102 100644 --- a/2024/31xxx/CVE-2024-31984.json +++ b/2024/31xxx/CVE-2024-31984.json @@ -1,17 +1,128 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31984", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the (Solr-based) search in XWiki. This allows any user who can edit the title of a space (all users by default) to execute any Groovy code in the XWiki installation which compromises the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the `Main.SolrSpaceFacet` page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 7.2-rc-1, < 14.10.20" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.5.4" + }, + { + "version_affected": "=", + "version_value": ">= 15.6-rc-1, < 15.10-rc-1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xm4h-3jxr-m3c6", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xm4h-3jxr-m3c6" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/5ef9d294d37be92ee22b2549e38663b29dce8767", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/5ef9d294d37be92ee22b2549e38663b29dce8767" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/74e301c481e69eeea674dac7fed6af3614cf08c5", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/74e301c481e69eeea674dac7fed6af3614cf08c5" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/94fc12db87c2431eb1335ecb9c2954b1905bde62", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/94fc12db87c2431eb1335ecb9c2954b1905bde62" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/acba74c149a041345b24dcca52c586f872ba97fb", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/acba74c149a041345b24dcca52c586f872ba97fb" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/ef55105d6eeec5635fd693f0070c5aaaf3bdd940", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/ef55105d6eeec5635fd693f0070c5aaaf3bdd940" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21471", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21471" + } + ] + }, + "source": { + "advisory": "GHSA-xm4h-3jxr-m3c6", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3283.json b/2024/3xxx/CVE-2024-3283.json index 390cbaf4afa..24a917fdc0a 100644 --- a/2024/3xxx/CVE-2024-3283.json +++ b/2024/3xxx/CVE-2024-3283.json @@ -1,17 +1,91 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@huntr.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate their privileges to admin roles through a mass assignment issue. The '/admin/system-preferences' API endpoint improperly authorizes manager-level users to modify the 'multi_user_mode' system variable, enabling them to access the '/api/system/enable-multi-user' endpoint and create a new admin user. This issue results from the endpoint accepting a full JSON object in the request body without proper validation of modifiable fields, leading to unauthorized modification of system settings and subsequent privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "cweId": "CWE-915" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mintplex-labs", + "product": { + "product_data": [ + { + "product_name": "mintplex-labs/anything-llm", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "1.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://huntr.com/bounties/a8000cce-0ecb-4820-9cfb-57ba6f4d58a2", + "refsource": "MISC", + "name": "https://huntr.com/bounties/a8000cce-0ecb-4820-9cfb-57ba6f4d58a2" + }, + { + "url": "https://github.com/mintplex-labs/anything-llm/commit/52fac844221a9b951d08ceb93c4c014e9397b1f2", + "refsource": "MISC", + "name": "https://github.com/mintplex-labs/anything-llm/commit/52fac844221a9b951d08ceb93c4c014e9397b1f2" + } + ] + }, + "source": { + "advisory": "a8000cce-0ecb-4820-9cfb-57ba6f4d58a2", + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2024/3xxx/CVE-2024-3382.json b/2024/3xxx/CVE-2024-3382.json index 5786207096f..a3333d4c5a6 100644 --- a/2024/3xxx/CVE-2024-3382.json +++ b/2024/3xxx/CVE-2024-3382.json @@ -1,17 +1,238 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3382", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770 Allocation of Resources Without Limits or Throttling", + "cweId": "CWE-770" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "9.0.0" + }, + { + "status": "unaffected", + "version": "9.1.0" + }, + { + "status": "unaffected", + "version": "10.1.0" + }, + { + "changes": [ + { + "at": "10.2.7-h3", + "status": "unaffected" + } + ], + "lessThan": "10.2.7-h3", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.4", + "status": "unaffected" + } + ], + "lessThan": "11.0.4", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.1.2", + "status": "unaffected" + } + ], + "lessThan": "11.1.2", + "status": "affected", + "version": "11.1.0", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3382", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3382" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-234921" + ], + "discovery": "USER" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption)." + } + ], + "value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption)." + } + ], + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption). Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion).
" + } + ], + "value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption) . Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted ( https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion) .\n" + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security teams for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3383.json b/2024/3xxx/CVE-2024-3383.json index 68c1f3e3cfa..792ada1c25c 100644 --- a/2024/3xxx/CVE-2024-3383.json +++ b/2024/3xxx/CVE-2024-3383.json @@ -1,17 +1,226 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3383", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-282: Improper Ownership Management", + "cweId": "CWE-282" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "11.1.0" + }, + { + "changes": [ + { + "at": "11.0.3", + "status": "unaffected" + } + ], + "lessThan": "11.0.3", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.5", + "status": "unaffected" + } + ], + "lessThan": "10.2.5", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.1.11", + "status": "unaffected" + } + ], + "lessThan": "10.1.11", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "9.1.0" + }, + { + "status": "unaffected", + "version": "9.0.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3383", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3383" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-211764", + "PAN-218522" + ], + "discovery": "USER" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine)." + } + ], + "value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine)." + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks Rodgers Moore, CCIE# 8153 of Insight.com, for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3384.json b/2024/3xxx/CVE-2024-3384.json index cb031500bb6..dfdf92ac66c 100644 --- a/2024/3xxx/CVE-2024-3384.json +++ b/2024/3xxx/CVE-2024-3384.json @@ -1,17 +1,241 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3384", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1286 Improper Validation of Syntactic Correctness of Input", + "cweId": "CWE-1286" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "8.1.24", + "status": "unaffected" + } + ], + "lessThan": "8.1.24", + "status": "affected", + "version": "8.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.0.17", + "status": "unaffected" + } + ], + "lessThan": "9.0.17", + "status": "affected", + "version": "9.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.1.15-h1", + "status": "unaffected" + } + ], + "lessThan": "9.1.15-h1", + "status": "affected", + "version": "9.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.0.12", + "status": "unaffected" + } + ], + "lessThan": "10.0.12", + "status": "affected", + "version": "10.0.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "10.1.0" + }, + { + "status": "unaffected", + "version": "10.2.0" + }, + { + "status": "unaffected", + "version": "11.0.0" + }, + { + "status": "unaffected", + "version": "11.1.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3384", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3384" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-198992" + ], + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM)." + } + ], + "value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM)." + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks rqu for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3385.json b/2024/3xxx/CVE-2024-3385.json index a5fe9150062..4d6a2e7ba86 100644 --- a/2024/3xxx/CVE-2024-3385.json +++ b/2024/3xxx/CVE-2024-3385.json @@ -1,17 +1,263 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3385", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "9.0.17-h4", + "status": "unaffected" + } + ], + "lessThan": "9.0.17-h4", + "status": "affected", + "version": "9.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.1.17", + "status": "unaffected" + } + ], + "lessThan": "9.1.17", + "status": "affected", + "version": "9.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.1.12", + "status": "unaffected" + } + ], + "lessThan": "10.1.12", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.8", + "status": "unaffected" + } + ], + "lessThan": "10.2.8", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.3", + "status": "unaffected" + } + ], + "lessThan": "11.0.3", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "11.1.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3385", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3385" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-221224" + ], + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed." + } + ], + "value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed." + } + ], + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).
" + } + ], + "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).\n" + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3386.json b/2024/3xxx/CVE-2024-3386.json index 823644d296d..0af853cefc3 100644 --- a/2024/3xxx/CVE-2024-3386.json +++ b/2024/3xxx/CVE-2024-3386.json @@ -1,17 +1,289 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3386", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-436 Interpretation Conflict", + "cweId": "CWE-436" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "9.0.17-h2", + "status": "unaffected" + } + ], + "lessThan": "9.0.17-h2", + "status": "affected", + "version": "9.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.1.17", + "status": "unaffected" + } + ], + "lessThan": "9.1.17", + "status": "affected", + "version": "9.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.0.13", + "status": "unaffected" + } + ], + "lessThan": "10.0.13", + "status": "affected", + "version": "10.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.1.9-h3", + "status": "unaffected" + } + ], + "lessThan": "10.1.9-h3", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.1.10", + "status": "unaffected" + } + ], + "lessThan": "10.1.10", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.4-h2", + "status": "unaffected" + } + ], + "lessThan": "10.2.4-h2", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.5", + "status": "unaffected" + } + ], + "lessThan": "10.2.5", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.1-h2", + "status": "unaffected" + } + ], + "lessThan": "11.0.1-h2", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.2", + "status": "unaffected" + } + ], + "lessThan": "11.0.2", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "11.1.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3386", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3386" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-208155" + ], + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device > Certificate Management > SSL Decryption Exclusions)." + } + ], + "value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device > Certificate Management > SSL Decryption Exclusions)." + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks Frederic De Vlieger for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3387.json b/2024/3xxx/CVE-2024-3387.json index cec1ecbe794..306687eb58f 100644 --- a/2024/3xxx/CVE-2024-3387.json +++ b/2024/3xxx/CVE-2024-3387.json @@ -1,17 +1,224 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3387", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-326 Inadequate Encryption Strength", + "cweId": "CWE-326" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "9.0.0" + }, + { + "status": "unaffected", + "version": "9.1.0" + }, + { + "changes": [ + { + "at": "10.1.12", + "status": "unaffected" + } + ], + "lessThan": "10.1.12", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.7-h3", + "status": "unaffected" + } + ], + "lessThan": "10.2.7-h3", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.8", + "status": "unaffected" + } + ], + "lessThan": "10.2.8", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.4", + "status": "unaffected" + } + ], + "lessThan": "11.0.4", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "11.1.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3387", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3387" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-200047" + ], + "discovery": "USER" + }, + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.
" + } + ], + "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks one of our customers for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3388.json b/2024/3xxx/CVE-2024-3388.json index c0617c05bd7..9cc7de0cd2a 100644 --- a/2024/3xxx/CVE-2024-3388.json +++ b/2024/3xxx/CVE-2024-3388.json @@ -1,17 +1,283 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-269 Improper Privilege Management", + "cweId": "CWE-269" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-863 Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto Networks", + "product": { + "product_data": [ + { + "product_name": "PAN-OS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "8.1.26", + "status": "unaffected" + } + ], + "lessThan": "8.1.26", + "status": "affected", + "version": "8.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.0.17-h4", + "status": "unaffected" + } + ], + "lessThan": "9.0.17-h4", + "status": "affected", + "version": "9.0.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "9.1.17", + "status": "unaffected" + } + ], + "lessThan": "9.1.17", + "status": "affected", + "version": "9.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.1.11-h4", + "status": "unaffected" + } + ], + "lessThan": "10.1.11-h4", + "status": "affected", + "version": "10.1.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "10.2.7-h3", + "status": "unaffected" + } + ], + "lessThan": "10.2.7-h3", + "status": "affected", + "version": "10.2.0", + "versionType": "custom" + }, + { + "changes": [ + { + "at": "11.0.3", + "status": "unaffected" + } + ], + "lessThan": "11.0.3", + "status": "affected", + "version": "11.0.0", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "11.1.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Cloud NGFW", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "unaffected", + "version": "All" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Prisma Access", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "10.2.4", + "status": "unaffected" + } + ], + "lessThan": "10.2.4", + "status": "affected", + "version": "10.2", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3388", + "refsource": "MISC", + "name": "https://security.paloaltonetworks.com/CVE-2024-3388" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "defect": [ + "PAN-224964" + ], + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent > Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent > Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel." + } + ], + "value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent > Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent > Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel." + } + ], + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network > GlobalProtect Gateways > > GlobalProtect Gateway Configuration > Agent > Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.
" + } + ], + "value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network > GlobalProtect Gateways > > GlobalProtect Gateway Configuration > Agent > Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.\n" + } + ], + "exploit": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.
" + } + ], + "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.
" + } + ], + "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Palo Alto Networks thanks Ta-Lun Yen of TXOne Networks for discovering and reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3525.json b/2024/3xxx/CVE-2024-3525.json index 32b6a34e19a..b2a39d681b3 100644 --- a/2024/3xxx/CVE-2024-3525.json +++ b/2024/3xxx/CVE-2024-3525.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3525", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as problematic, was found in Campcodes Online Event Management System 1.0. Affected is an unknown function of the file /views/index.php. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259896." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in Campcodes Online Event Management System 1.0 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei /views/index.php. Durch Beeinflussen des Arguments msg mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Online Event Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.259896", + "refsource": "MISC", + "name": "https://vuldb.com/?id.259896" + }, + { + "url": "https://vuldb.com/?ctiid.259896", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.259896" + }, + { + "url": "https://vuldb.com/?submit.312507", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.312507" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Online%20Event%20Management%20System/Online%20Event%20Management%20System%20-%20vuln%204.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Online%20Event%20Management%20System/Online%20Event%20Management%20System%20-%20vuln%204.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/3xxx/CVE-2024-3526.json b/2024/3xxx/CVE-2024-3526.json index ef159d04b7b..d8a896b6325 100644 --- a/2024/3xxx/CVE-2024-3526.json +++ b/2024/3xxx/CVE-2024-3526.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in Campcodes Online Event Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259897 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In Campcodes Online Event Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei index.php. Dank der Manipulation des Arguments msg mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Online Event Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.259897", + "refsource": "MISC", + "name": "https://vuldb.com/?id.259897" + }, + { + "url": "https://vuldb.com/?ctiid.259897", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.259897" + }, + { + "url": "https://vuldb.com/?submit.312508", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.312508" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Online%20Event%20Management%20System/Online%20Event%20Management%20System%20-%20vuln%205.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Online%20Event%20Management%20System/Online%20Event%20Management%20System%20-%20vuln%205.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/3xxx/CVE-2024-3566.json b/2024/3xxx/CVE-2024-3566.json index d039db95920..9d56c273db2 100644 --- a/2024/3xxx/CVE-2024-3566.json +++ b/2024/3xxx/CVE-2024-3566.json @@ -1,18 +1,138 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3566", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cert@cert.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Node.js", + "product": { + "product_data": [ + { + "product_name": "Node.js", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "21.7.2" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Go Programming Language", + "product": { + "product_data": [ + { + "product_name": "GoLang", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "*" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Haskell Programming Language", + "product": { + "product_data": [ + { + "product_name": "Haskel", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "*" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/", + "refsource": "MISC", + "name": "https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/" + }, + { + "url": "https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way", + "refsource": "MISC", + "name": "https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way" + }, + { + "url": "https://kb.cert.org/vuls/id/123335", + "refsource": "MISC", + "name": "https://kb.cert.org/vuls/id/123335" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-24576", + "refsource": "MISC", + "name": "https://www.cve.org/CVERecord?id=CVE-2024-24576" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-1874", + "refsource": "MISC", + "name": "https://www.cve.org/CVERecord?id=CVE-2024-1874" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-22423", + "refsource": "MISC", + "name": "https://www.cve.org/CVERecord?id=CVE-2024-22423" + }, + { + "url": "https://www.kb.cert.org/vuls/id/123335", + "refsource": "MISC", + "name": "https://www.kb.cert.org/vuls/id/123335" + } + ] + }, + "generator": { + "engine": "VINCE 2.1.12", + "env": "prod", + "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3566" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3633.json b/2024/3xxx/CVE-2024-3633.json new file mode 100644 index 00000000000..8aad3f97a4d --- /dev/null +++ b/2024/3xxx/CVE-2024-3633.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3633", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3634.json b/2024/3xxx/CVE-2024-3634.json new file mode 100644 index 00000000000..de9f555f146 --- /dev/null +++ b/2024/3xxx/CVE-2024-3634.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3634", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3635.json b/2024/3xxx/CVE-2024-3635.json new file mode 100644 index 00000000000..900c480c787 --- /dev/null +++ b/2024/3xxx/CVE-2024-3635.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3635", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file