admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-23 23:00:34 +00:00
parent fe9343b88b
commit 409523e68d
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 292 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/33xxx/CVE-2023-33295.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Cohesity DataProtect 6.8.1 and 6.6.0d was discovered to have a incorrect access control vulnerability due to a lack of TLS Certificate Validation."
"value": "Cohesity DataProtect prior to 6.8.1_u5 or 7.1 was discovered to have a incorrect access control vulnerability due to a lack of TLS Certificate Validation."
}
]
},

71
2023/35xxx/CVE-2023-35835.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35835",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-35835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup is complete. The WiFi network serves a web-based configuration utility, as well as an unauthenticated ModBus protocol interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://yougottahackthat.com/blog/",
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/"
},
{
"url": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/"
},
{
"url": "https://www.solaxpower.com/downloads/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/downloads/"
},
{
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication",
"url": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication"
}
]
}

71
2023/35xxx/CVE-2023-35836.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35836",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-35836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the target's Wi-Fi networks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://yougottahackthat.com/blog/",
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/"
},
{
"url": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/"
},
{
"url": "https://www.solaxpower.com/downloads/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/downloads/"
},
{
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication",
"url": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication"
}
]
}

71
2023/35xxx/CVE-2023-35837.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-35837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication for web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default password, equal to the registration ID of the device. This same registration ID is used as the WiFi SSID name. No routine is in place to force a change to this password on first use or bring its default state to the attention of the user. Once authenticated, an attacker can reconfigure the device or upload new firmware, both of which can lead to Denial of Service, code execution, or Escalation of Privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://yougottahackthat.com/blog/",
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/"
},
{
"url": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/"
},
{
"url": "https://www.solaxpower.com/downloads/",
"refsource": "MISC",
"name": "https://www.solaxpower.com/downloads/"
},
{
"refsource": "MISC",
"name": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication",
"url": "https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication"
}
]
}

96
2023/47xxx/CVE-2023-47115.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django's built-in `serve` view, which is not secure for production use according to Django's documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django's `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HumanSignal",
"product": {
"product_data": [
{
"product_name": "label-studio",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.9.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x",
"refsource": "MISC",
"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3",
"refsource": "MISC",
"name": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development",
"refsource": "MISC",
"name": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49",
"refsource": "MISC",
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26",
"refsource": "MISC",
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
}
]
},
"source": {
"advisory": "GHSA-q68h-xwq5-mm7x",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
}

2
2023/5xxx/CVE-2023-5646.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** it is a duplicate"
"value": "** REJECT ** \n** REJECT **DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5241. Reason: This record is a reservation duplicate of CVE-2023-5241. Notes: All CVE users should reference CVE-2023-5241 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.\n"
}
]
}

2
2023/5xxx/CVE-2023-5647.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** it is a duplicate"
"value": "** REJECT **\nDO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5212. Reason: This record is a reservation duplicate of CVE-2023-5212. Notes: All CVE users should reference CVE-2023-5212\u00a0instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.\n"
}
]
}

2
2023/5xxx/CVE-2023-5655.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** it is a duplicate"
"value": "** REJECT **\nDO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5534. Reason: This record is a reservation duplicate of CVE-2023-5534. Notes: All CVE users should reference CVE-2023-5534 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.\n"
}
]
}

2
2023/5xxx/CVE-2023-5656.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** it is a duplicate"
"value": "** REJECT **\nDO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5533. Reason: This record is a reservation duplicate of CVE-2023-5533. Notes: All CVE users should reference CVE-2023-5533 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.\n"
}
]
}