From 4541a540f40af08941c59f9674b318e91a185f91 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 5 Sep 2023 15:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/2xxx/CVE-2023-2453.json | 107 +++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32086.json | 8 +-- 2023/40xxx/CVE-2023-40743.json | 74 +++++++++++++++++++++-- 2023/4xxx/CVE-2023-4480.json | 107 +++++++++++++++++++++++++++++++-- 2023/4xxx/CVE-2023-4772.json | 18 ++++++ 5 files changed, 297 insertions(+), 17 deletions(-) create mode 100644 2023/4xxx/CVE-2023-4772.json diff --git a/2023/2xxx/CVE-2023-2453.json b/2023/2xxx/CVE-2023-2453.json index 487c590c9e6..464d1d413ad 100644 --- a/2023/2xxx/CVE-2023-2453.json +++ b/2023/2xxx/CVE-2023-2453.json @@ -1,17 +1,116 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2453", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@synopsys.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a \u2018require_once\u2019 statement. This allows arbitrary files with the \u2018.php\u2019 extension for which the absolute path is known to be included and executed. There are no known means in PHPFusion through which an attacker can upload and target a \u2018.php\u2019 file payload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", + "cweId": "CWE-829" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPFusion", + "product": { + "product_data": [ + { + "product_name": "PHPFusion", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "9.10.30", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/", + "refsource": "MISC", + "name": "https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\nDisabling the \u201cForum\u201d Infusion through the admin panel removes the endpoint through which this vulnerability is exploited, and so prevents the issue. If the \u201cForum\u201d Infusion cannot be disabled, technologies such as a web application firewall may help to mitigate exploitation attempts. \n\n
" + } + ], + "value": "\nDisabling the \u201cForum\u201d Infusion through the admin panel removes the endpoint through which this vulnerability is exploited, and so prevents the issue. If the \u201cForum\u201d Infusion cannot be disabled, technologies such as a web application firewall may help to mitigate exploitation attempts.\u00a0\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Matthew Hogg" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/32xxx/CVE-2023-32086.json b/2023/32xxx/CVE-2023-32086.json index 35c787acd52..cca958156e4 100644 --- a/2023/32xxx/CVE-2023-32086.json +++ b/2023/32xxx/CVE-2023-32086.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@pega.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } diff --git a/2023/40xxx/CVE-2023-40743.json b/2023/40xxx/CVE-2023-40743.json index 74c0363ba76..be7938ac050 100644 --- a/2023/40xxx/CVE-2023-40743.json +++ b/2023/40xxx/CVE-2023-40743.json @@ -1,18 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40743", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through \"ServiceFactory.getService\" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SSRF and even attacks leading to RCE.\n\nAs Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. As a workaround, you may review your code to verify no untrusted or unsanitized input is passed to \"ServiceFactory.getService\", or by applying the patch from https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210 . The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome.\n\n" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache Axis", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210", + "refsource": "MISC", + "name": "https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210" + }, + { + "url": "https://lists.apache.org/thread/gs0qgk2mgss7zfhzdd6ftfjvm4kp7v82", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/gs0qgk2mgss7zfhzdd6ftfjvm4kp7v82" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Letian Yuan" + } + ] } \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4480.json b/2023/4xxx/CVE-2023-4480.json index f081712b660..13906b11f5c 100644 --- a/2023/4xxx/CVE-2023-4480.json +++ b/2023/4xxx/CVE-2023-4480.json @@ -1,17 +1,116 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-4480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@synopsys.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nDue to an out-of-date dependency in the \u201cFusion File Manager\u201d component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application\u2019s mime-type and file extension validation.\u00a0\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory", + "cweId": "CWE-538" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPFusion", + "product": { + "product_data": [ + { + "product_name": "PHPFusion", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "9.10.30", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/", + "refsource": "MISC", + "name": "https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\nTechnologies such as a web application firewall may help to mitigate exploitation attempts.\n\n
" + } + ], + "value": "\nTechnologies such as a web application firewall may help to mitigate exploitation attempts.\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Dharani Sri Penumacha" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/4xxx/CVE-2023-4772.json b/2023/4xxx/CVE-2023-4772.json new file mode 100644 index 00000000000..b6c72ac4c86 --- /dev/null +++ b/2023/4xxx/CVE-2023-4772.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4772", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file