diff --git a/2023/21xxx/CVE-2023-21524.json b/2023/21xxx/CVE-2023-21524.json index 833bf22c4b2..dd87cb1940f 100644 --- a/2023/21xxx/CVE-2023-21524.json +++ b/2023/21xxx/CVE-2023-21524.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-798: Use of Hard-coded Credentials", + "cweId": "CWE-798" } ] } diff --git a/2023/21xxx/CVE-2023-21525.json b/2023/21xxx/CVE-2023-21525.json index 665f73c40ad..d165f0dc797 100644 --- a/2023/21xxx/CVE-2023-21525.json +++ b/2023/21xxx/CVE-2023-21525.json @@ -274,6 +274,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21527.json b/2023/21xxx/CVE-2023-21527.json index 5a827ce898d..483ae8ad6b3 100644 --- a/2023/21xxx/CVE-2023-21527.json +++ b/2023/21xxx/CVE-2023-21527.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-191: Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } @@ -250,6 +251,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21531.json b/2023/21xxx/CVE-2023-21531.json index cbd34533291..4a6094aa2b1 100644 --- a/2023/21xxx/CVE-2023-21531.json +++ b/2023/21xxx/CVE-2023-21531.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" } ] } diff --git a/2023/21xxx/CVE-2023-21532.json b/2023/21xxx/CVE-2023-21532.json index 15e96124b58..31921fa2866 100644 --- a/2023/21xxx/CVE-2023-21532.json +++ b/2023/21xxx/CVE-2023-21532.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21535.json b/2023/21xxx/CVE-2023-21535.json index 74f9ba5df7e..fa6ea64fa3d 100644 --- a/2023/21xxx/CVE-2023-21535.json +++ b/2023/21xxx/CVE-2023-21535.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-591: Sensitive Data Storage in Improperly Locked Memory", + "cweId": "CWE-591" } ] } diff --git a/2023/21xxx/CVE-2023-21536.json b/2023/21xxx/CVE-2023-21536.json index 2217d18f4a1..b21ac5387a3 100644 --- a/2023/21xxx/CVE-2023-21536.json +++ b/2023/21xxx/CVE-2023-21536.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } diff --git a/2023/21xxx/CVE-2023-21537.json b/2023/21xxx/CVE-2023-21537.json index 0b9d830360d..872b25cb84c 100644 --- a/2023/21xxx/CVE-2023-21537.json +++ b/2023/21xxx/CVE-2023-21537.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", + "cweId": "CWE-367" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21538.json b/2023/21xxx/CVE-2023-21538.json index 792202a934a..254e0f52e36 100644 --- a/2023/21xxx/CVE-2023-21538.json +++ b/2023/21xxx/CVE-2023-21538.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21539.json b/2023/21xxx/CVE-2023-21539.json index b21f615516b..ee36ffba595 100644 --- a/2023/21xxx/CVE-2023-21539.json +++ b/2023/21xxx/CVE-2023-21539.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } diff --git a/2023/21xxx/CVE-2023-21540.json b/2023/21xxx/CVE-2023-21540.json index 0b93b9fd36d..c0cf19fc869 100644 --- a/2023/21xxx/CVE-2023-21540.json +++ b/2023/21xxx/CVE-2023-21540.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/21xxx/CVE-2023-21541.json b/2023/21xxx/CVE-2023-21541.json index 83b7ca35d3e..db3115798f4 100644 --- a/2023/21xxx/CVE-2023-21541.json +++ b/2023/21xxx/CVE-2023-21541.json @@ -274,6 +274,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21542.json b/2023/21xxx/CVE-2023-21542.json index fac541c4d75..2096ce8f492 100644 --- a/2023/21xxx/CVE-2023-21542.json +++ b/2023/21xxx/CVE-2023-21542.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } @@ -166,6 +167,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21543.json b/2023/21xxx/CVE-2023-21543.json index 303cf1fde43..b5d229e9431 100644 --- a/2023/21xxx/CVE-2023-21543.json +++ b/2023/21xxx/CVE-2023-21543.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21546.json b/2023/21xxx/CVE-2023-21546.json index 2bedc0e578e..d2a03634af1 100644 --- a/2023/21xxx/CVE-2023-21546.json +++ b/2023/21xxx/CVE-2023-21546.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-591: Sensitive Data Storage in Improperly Locked Memory", + "cweId": "CWE-591" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21547.json b/2023/21xxx/CVE-2023-21547.json index 09ffde9d94a..5f2c82349f8 100644 --- a/2023/21xxx/CVE-2023-21547.json +++ b/2023/21xxx/CVE-2023-21547.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" } ] } diff --git a/2023/21xxx/CVE-2023-21548.json b/2023/21xxx/CVE-2023-21548.json index 36ecfacd5a2..5394579b577 100644 --- a/2023/21xxx/CVE-2023-21548.json +++ b/2023/21xxx/CVE-2023-21548.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-591: Sensitive Data Storage in Improperly Locked Memory", + "cweId": "CWE-591" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21549.json b/2023/21xxx/CVE-2023-21549.json index 029cadd0844..b02e03b739e 100644 --- a/2023/21xxx/CVE-2023-21549.json +++ b/2023/21xxx/CVE-2023-21549.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-285: Improper Authorization", + "cweId": "CWE-285" } ] } diff --git a/2023/21xxx/CVE-2023-21550.json b/2023/21xxx/CVE-2023-21550.json index f0a0d1357dc..a5cd02b5f9d 100644 --- a/2023/21xxx/CVE-2023-21550.json +++ b/2023/21xxx/CVE-2023-21550.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/21xxx/CVE-2023-21551.json b/2023/21xxx/CVE-2023-21551.json index 79d86614968..d01bc68ade2 100644 --- a/2023/21xxx/CVE-2023-21551.json +++ b/2023/21xxx/CVE-2023-21551.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2023/21xxx/CVE-2023-21552.json b/2023/21xxx/CVE-2023-21552.json index f96043aa5aa..36c315579f4 100644 --- a/2023/21xxx/CVE-2023-21552.json +++ b/2023/21xxx/CVE-2023-21552.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21555.json b/2023/21xxx/CVE-2023-21555.json index 957b36a43f2..2de0303c908 100644 --- a/2023/21xxx/CVE-2023-21555.json +++ b/2023/21xxx/CVE-2023-21555.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", + "cweId": "CWE-367" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21556.json b/2023/21xxx/CVE-2023-21556.json index b4ba2c934a7..18c56bd6c33 100644 --- a/2023/21xxx/CVE-2023-21556.json +++ b/2023/21xxx/CVE-2023-21556.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-191: Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21557.json b/2023/21xxx/CVE-2023-21557.json index e46db34f5d7..86ec0b17253 100644 --- a/2023/21xxx/CVE-2023-21557.json +++ b/2023/21xxx/CVE-2023-21557.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21558.json b/2023/21xxx/CVE-2023-21558.json index aca84400ab6..c60f3e3f1bf 100644 --- a/2023/21xxx/CVE-2023-21558.json +++ b/2023/21xxx/CVE-2023-21558.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/21xxx/CVE-2023-21559.json b/2023/21xxx/CVE-2023-21559.json index 1f6b55eb5ac..e01b0282a4d 100644 --- a/2023/21xxx/CVE-2023-21559.json +++ b/2023/21xxx/CVE-2023-21559.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/21xxx/CVE-2023-21560.json b/2023/21xxx/CVE-2023-21560.json index 0287995d7f6..1576d454d76 100644 --- a/2023/21xxx/CVE-2023-21560.json +++ b/2023/21xxx/CVE-2023-21560.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Security Feature Bypass" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21561.json b/2023/21xxx/CVE-2023-21561.json index aee6319d8f7..287f5c39ca0 100644 --- a/2023/21xxx/CVE-2023-21561.json +++ b/2023/21xxx/CVE-2023-21561.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21563.json b/2023/21xxx/CVE-2023-21563.json index 38a7a8e9266..9eac9473209 100644 --- a/2023/21xxx/CVE-2023-21563.json +++ b/2023/21xxx/CVE-2023-21563.json @@ -274,6 +274,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21674.json b/2023/21xxx/CVE-2023-21674.json index a9660a8c985..ac7773b0672 100644 --- a/2023/21xxx/CVE-2023-21674.json +++ b/2023/21xxx/CVE-2023-21674.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2023/21xxx/CVE-2023-21675.json b/2023/21xxx/CVE-2023-21675.json index 292e96d9b7c..0a0a0aad5b8 100644 --- a/2023/21xxx/CVE-2023-21675.json +++ b/2023/21xxx/CVE-2023-21675.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')", + "cweId": "CWE-843" } ] } @@ -274,6 +275,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26321" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/23xxx/CVE-2023-23416.json b/2023/23xxx/CVE-2023-23416.json index 2d86d37db57..b464bc740bf 100644 --- a/2023/23xxx/CVE-2023-23416.json +++ b/2023/23xxx/CVE-2023-23416.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } @@ -210,8 +259,8 @@ { "version": "3.1", "baseSeverity": "HIGH", - "baseScore": 8.4, - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" + "baseScore": 7.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } ] } diff --git a/2023/23xxx/CVE-2023-23417.json b/2023/23xxx/CVE-2023-23417.json index a9500b11517..1e0c5793db1 100644 --- a/2023/23xxx/CVE-2023-23417.json +++ b/2023/23xxx/CVE-2023-23417.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -153,6 +166,18 @@ } ] } + }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } } ] } diff --git a/2023/23xxx/CVE-2023-23418.json b/2023/23xxx/CVE-2023-23418.json index 1b69d139a4f..93fbd96b50f 100644 --- a/2023/23xxx/CVE-2023-23418.json +++ b/2023/23xxx/CVE-2023-23418.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -41,7 +42,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } diff --git a/2023/23xxx/CVE-2023-23419.json b/2023/23xxx/CVE-2023-23419.json index 07578585759..38e47e97fb3 100644 --- a/2023/23xxx/CVE-2023-23419.json +++ b/2023/23xxx/CVE-2023-23419.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -41,7 +42,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } diff --git a/2023/23xxx/CVE-2023-23420.json b/2023/23xxx/CVE-2023-23420.json index 2afd0b51c54..d34af497114 100644 --- a/2023/23xxx/CVE-2023-23420.json +++ b/2023/23xxx/CVE-2023-23420.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/23xxx/CVE-2023-23421.json b/2023/23xxx/CVE-2023-23421.json index 374f5bf3d75..d681b39db55 100644 --- a/2023/23xxx/CVE-2023-23421.json +++ b/2023/23xxx/CVE-2023-23421.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/23xxx/CVE-2023-23422.json b/2023/23xxx/CVE-2023-23422.json index 55da8445d9d..eb6362a1dcb 100644 --- a/2023/23xxx/CVE-2023-23422.json +++ b/2023/23xxx/CVE-2023-23422.json @@ -58,6 +58,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +125,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +179,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +203,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +262,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +285,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/23xxx/CVE-2023-23423.json b/2023/23xxx/CVE-2023-23423.json index 20c88889af4..c94c2e6702e 100644 --- a/2023/23xxx/CVE-2023-23423.json +++ b/2023/23xxx/CVE-2023-23423.json @@ -58,6 +58,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +125,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +179,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +203,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +262,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +285,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24856.json b/2023/24xxx/CVE-2023-24856.json index b53839b0e08..af349f8c896 100644 --- a/2023/24xxx/CVE-2023-24856.json +++ b/2023/24xxx/CVE-2023-24856.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } @@ -209,9 +258,9 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "MEDIUM", - "baseScore": 6.5, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/24xxx/CVE-2023-24857.json b/2023/24xxx/CVE-2023-24857.json index 2f68896e552..0ff01f91d5e 100644 --- a/2023/24xxx/CVE-2023-24857.json +++ b/2023/24xxx/CVE-2023-24857.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24858.json b/2023/24xxx/CVE-2023-24858.json index 4325fce108d..7bbbf483c24 100644 --- a/2023/24xxx/CVE-2023-24858.json +++ b/2023/24xxx/CVE-2023-24858.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } @@ -209,9 +258,9 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "MEDIUM", - "baseScore": 6.5, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/24xxx/CVE-2023-24859.json b/2023/24xxx/CVE-2023-24859.json index b28ab6f77e8..10d37e9ef41 100644 --- a/2023/24xxx/CVE-2023-24859.json +++ b/2023/24xxx/CVE-2023-24859.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24861.json b/2023/24xxx/CVE-2023-24861.json index 91d7331715f..d8b6eb2bd48 100644 --- a/2023/24xxx/CVE-2023-24861.json +++ b/2023/24xxx/CVE-2023-24861.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", + "cweId": "CWE-367" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24862.json b/2023/24xxx/CVE-2023-24862.json index 89d59a040a2..4daf84c8454 100644 --- a/2023/24xxx/CVE-2023-24862.json +++ b/2023/24xxx/CVE-2023-24862.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24863.json b/2023/24xxx/CVE-2023-24863.json index eb1727d84c3..d90139266fa 100644 --- a/2023/24xxx/CVE-2023-24863.json +++ b/2023/24xxx/CVE-2023-24863.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24864.json b/2023/24xxx/CVE-2023-24864.json index 018fd1ccd38..98a68bf9880 100644 --- a/2023/24xxx/CVE-2023-24864.json +++ b/2023/24xxx/CVE-2023-24864.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-191: Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24865.json b/2023/24xxx/CVE-2023-24865.json index c5b9cceb1a2..1108ae8d7f2 100644 --- a/2023/24xxx/CVE-2023-24865.json +++ b/2023/24xxx/CVE-2023-24865.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24866.json b/2023/24xxx/CVE-2023-24866.json index 7a28220ac92..8e8185ff66b 100644 --- a/2023/24xxx/CVE-2023-24866.json +++ b/2023/24xxx/CVE-2023-24866.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24867.json b/2023/24xxx/CVE-2023-24867.json index bdc3361fa05..7987cd8c82a 100644 --- a/2023/24xxx/CVE-2023-24867.json +++ b/2023/24xxx/CVE-2023-24867.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24868.json b/2023/24xxx/CVE-2023-24868.json index ef20a939834..28443900345 100644 --- a/2023/24xxx/CVE-2023-24868.json +++ b/2023/24xxx/CVE-2023-24868.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24869.json b/2023/24xxx/CVE-2023-24869.json index fcc2545b47b..e76439d868f 100644 --- a/2023/24xxx/CVE-2023-24869.json +++ b/2023/24xxx/CVE-2023-24869.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24870.json b/2023/24xxx/CVE-2023-24870.json index 2dd076dadf7..fc635358da5 100644 --- a/2023/24xxx/CVE-2023-24870.json +++ b/2023/24xxx/CVE-2023-24870.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24871.json b/2023/24xxx/CVE-2023-24871.json index e75ab3509c7..26eb429af32 100644 --- a/2023/24xxx/CVE-2023-24871.json +++ b/2023/24xxx/CVE-2023-24871.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -89,7 +90,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } diff --git a/2023/24xxx/CVE-2023-24872.json b/2023/24xxx/CVE-2023-24872.json index ab4bd97f95b..ae714e88aef 100644 --- a/2023/24xxx/CVE-2023-24872.json +++ b/2023/24xxx/CVE-2023-24872.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24876.json b/2023/24xxx/CVE-2023-24876.json index 6a085841ebc..39042870c95 100644 --- a/2023/24xxx/CVE-2023-24876.json +++ b/2023/24xxx/CVE-2023-24876.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24879.json b/2023/24xxx/CVE-2023-24879.json index 82fe733f2ee..3ec592c4802 100644 --- a/2023/24xxx/CVE-2023-24879.json +++ b/2023/24xxx/CVE-2023-24879.json @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24880.json b/2023/24xxx/CVE-2023-24880.json index f15ef1f1579..ff6e8e6416b 100644 --- a/2023/24xxx/CVE-2023-24880.json +++ b/2023/24xxx/CVE-2023-24880.json @@ -58,6 +58,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +125,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -153,6 +165,18 @@ } ] } + }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } } ] } @@ -174,8 +198,8 @@ { "version": "3.1", "baseSeverity": "MEDIUM", - "baseScore": 5.4, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:F/RL:O/RC:C" + "baseScore": 4.4, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:F/RL:O/RC:C" } ] } diff --git a/2023/24xxx/CVE-2023-24882.json b/2023/24xxx/CVE-2023-24882.json index 3b375b679f4..5df978b75e3 100644 --- a/2023/24xxx/CVE-2023-24882.json +++ b/2023/24xxx/CVE-2023-24882.json @@ -35,7 +35,7 @@ "product": { "product_data": [ { - "product_name": "One Drive", + "product_name": "OneDrive for Android", "version": { "version_data": [ { diff --git a/2023/24xxx/CVE-2023-24890.json b/2023/24xxx/CVE-2023-24890.json index b6a26ddf665..07cebcbc6a2 100644 --- a/2023/24xxx/CVE-2023-24890.json +++ b/2023/24xxx/CVE-2023-24890.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Security Feature Bypass" + "value": "CWE-1390: Weak Authentication", + "cweId": "CWE-1390" } ] } diff --git a/2023/24xxx/CVE-2023-24891.json b/2023/24xxx/CVE-2023-24891.json index f087c2e941c..6330107abe7 100644 --- a/2023/24xxx/CVE-2023-24891.json +++ b/2023/24xxx/CVE-2023-24891.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -40,7 +41,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24892.json b/2023/24xxx/CVE-2023-24892.json index c3d5c4d7016..9391f31dab2 100644 --- a/2023/24xxx/CVE-2023-24892.json +++ b/2023/24xxx/CVE-2023-24892.json @@ -35,7 +35,7 @@ "product": { "product_data": [ { - "product_name": "Microsoft Edge", + "product_name": "Microsoft Edge (Chromium-based)", "version": { "version_data": [ { @@ -66,8 +66,8 @@ { "version": "3.1", "baseSeverity": "HIGH", - "baseScore": 7.1, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C" + "baseScore": 8.2, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/24xxx/CVE-2023-24906.json b/2023/24xxx/CVE-2023-24906.json index deec8bdee48..a34a7735fcb 100644 --- a/2023/24xxx/CVE-2023-24906.json +++ b/2023/24xxx/CVE-2023-24906.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24907.json b/2023/24xxx/CVE-2023-24907.json index bf667b41c4d..e9612c6cea5 100644 --- a/2023/24xxx/CVE-2023-24907.json +++ b/2023/24xxx/CVE-2023-24907.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24908.json b/2023/24xxx/CVE-2023-24908.json index c14d300c008..1d611cf6f88 100644 --- a/2023/24xxx/CVE-2023-24908.json +++ b/2023/24xxx/CVE-2023-24908.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24909.json b/2023/24xxx/CVE-2023-24909.json index 3a78f02ab39..da9862070cd 100644 --- a/2023/24xxx/CVE-2023-24909.json +++ b/2023/24xxx/CVE-2023-24909.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24910.json b/2023/24xxx/CVE-2023-24910.json index 217b4388fc9..180a8c65f8b 100644 --- a/2023/24xxx/CVE-2023-24910.json +++ b/2023/24xxx/CVE-2023-24910.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21966" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26415" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -220,7 +288,31 @@ } }, { - "product_name": "Microsoft Office", + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } + }, + { + "product_name": "Microsoft Office 2019 for Mac", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.71.23031200" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC for Mac 2021", "version": { "version_data": [ { @@ -230,6 +322,30 @@ } ] } + }, + { + "product_name": "Microsoft Office for Android", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "16.0.16026.20172" + } + ] + } + }, + { + "product_name": "Microsoft Office for Universal", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "16.0.14606.20000" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24911.json b/2023/24xxx/CVE-2023-24911.json index 885fa24cf05..86d64d0fb0c 100644 --- a/2023/24xxx/CVE-2023-24911.json +++ b/2023/24xxx/CVE-2023-24911.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-191: Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } @@ -210,8 +259,8 @@ { "version": "3.1", "baseSeverity": "MEDIUM", - "baseScore": 6.5, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" + "baseScore": 4.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/24xxx/CVE-2023-24913.json b/2023/24xxx/CVE-2023-24913.json index 25a698c1ee5..353f3f9f83f 100644 --- a/2023/24xxx/CVE-2023-24913.json +++ b/2023/24xxx/CVE-2023-24913.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4131" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -113,7 +126,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1413" + "version_value": "10.0.22621.1413" } ] } @@ -166,6 +179,18 @@ ] } }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5786" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { @@ -178,6 +203,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24168" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -189,6 +226,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20865" + } + ] + } } ] } diff --git a/2023/24xxx/CVE-2023-24919.json b/2023/24xxx/CVE-2023-24919.json index c836d60bc22..314964c715c 100644 --- a/2023/24xxx/CVE-2023-24919.json +++ b/2023/24xxx/CVE-2023-24919.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -52,7 +53,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24920.json b/2023/24xxx/CVE-2023-24920.json index 2092d521d9c..2408a0115ae 100644 --- a/2023/24xxx/CVE-2023-24920.json +++ b/2023/24xxx/CVE-2023-24920.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-352: Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" } ] } @@ -40,7 +41,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24921.json b/2023/24xxx/CVE-2023-24921.json index 6b413173f16..ac3f6071a6e 100644 --- a/2023/24xxx/CVE-2023-24921.json +++ b/2023/24xxx/CVE-2023-24921.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -52,7 +53,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24922.json b/2023/24xxx/CVE-2023-24922.json index e4755d75d21..0037370baee 100644 --- a/2023/24xxx/CVE-2023-24922.json +++ b/2023/24xxx/CVE-2023-24922.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Microsoft Dynamics 365 Information Disclosure Vulnerability" + "value": "Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability" } ] }, @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-643: Improper Neutralization of Data within XPath Expressions ('XPath Injection')", + "cweId": "CWE-643" } ] } @@ -52,7 +53,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/24xxx/CVE-2023-24923.json b/2023/24xxx/CVE-2023-24923.json index 60ec2ba6f6f..17f0f8ab777 100644 --- a/2023/24xxx/CVE-2023-24923.json +++ b/2023/24xxx/CVE-2023-24923.json @@ -35,7 +35,7 @@ "product": { "product_data": [ { - "product_name": "One Drive", + "product_name": "OneDrive for Android", "version": { "version_data": [ { diff --git a/2023/24xxx/CVE-2023-24930.json b/2023/24xxx/CVE-2023-24930.json index bb3ce41d37b..ed4d76ac15b 100644 --- a/2023/24xxx/CVE-2023-24930.json +++ b/2023/24xxx/CVE-2023-24930.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } diff --git a/2023/28xxx/CVE-2023-28303.json b/2023/28xxx/CVE-2023-28303.json index 9f474e216dc..d8470459bbd 100644 --- a/2023/28xxx/CVE-2023-28303.json +++ b/2023/28xxx/CVE-2023-28303.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor", + "cweId": "CWE-359" } ] } diff --git a/2024/0xxx/CVE-2024-0434.json b/2024/0xxx/CVE-2024-0434.json index a568a3f3bbc..30c618ea5d3 100644 --- a/2024/0xxx/CVE-2024-0434.json +++ b/2024/0xxx/CVE-2024-0434.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0434", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WordPress Tour & Travel Booking Plugin for WooCommerce \u2013 WpTravelly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ttbm_new_place_save' function in all versions up to, and including, 1.7.1. This makes it possible for unauthenticated attackers to create and publish new place posts. This function is also vulnerable to CSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "magepeopleteam", + "product": { + "product_data": [ + { + "product_name": "WordPress Tour & Travel Booking Plugin for WooCommerce \u2013 WpTravelly", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.7.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e84d3e22-8568-4bdb-be9b-ffe78c69ec24?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e84d3e22-8568-4bdb-be9b-ffe78c69ec24?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/tour-booking-manager/trunk/admin/settings/tour/TTBM_Settings_place_you_see.php#L225", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/tour-booking-manager/trunk/admin/settings/tour/TTBM_Settings_place_you_see.php#L225" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3092969%40tour-booking-manager%2Ftrunk&old=3091912%40tour-booking-manager%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3092969%40tour-booking-manager%2Ftrunk&old=3091912%40tour-booking-manager%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Francesco Carlucci" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] }