From 4d8c051308ee1ce2ec79c764aa3a6bbc59f330f3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 17 Jul 2023 17:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/1xxx/CVE-2019-1937.json | 5 ++ 2021/37xxx/CVE-2021-37386.json | 66 ++++++++++++++++-- 2022/24xxx/CVE-2022-24715.json | 5 ++ 2022/36xxx/CVE-2022-36354.json | 20 +++--- 2022/41xxx/CVE-2022-41981.json | 20 +++--- 2023/28xxx/CVE-2023-28767.json | 122 +++++++++++++++++++++++++++++++-- 2023/34xxx/CVE-2023-34669.json | 56 +++++++++++++-- 2023/37xxx/CVE-2023-37269.json | 5 ++ 2023/37xxx/CVE-2023-37475.json | 81 ++++++++++++++++++++-- 9 files changed, 336 insertions(+), 44 deletions(-) diff --git a/2019/1xxx/CVE-2019-1937.json b/2019/1xxx/CVE-2019-1937.json index f7351ae701a..28b56717140 100644 --- a/2019/1xxx/CVE-2019-1937.json +++ b/2019/1xxx/CVE-2019-1937.json @@ -92,6 +92,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154308/Cisco-UCS-Director-Unauthenticated-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/154308/Cisco-UCS-Director-Unauthenticated-Remote-Code-Execution.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/173531/Cisco-UCS-IMC-Supervisor-2.2.0.0-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/173531/Cisco-UCS-IMC-Supervisor-2.2.0.0-Authentication-Bypass.html" } ] }, diff --git a/2021/37xxx/CVE-2021-37386.json b/2021/37xxx/CVE-2021-37386.json index c37324eb27e..2d590061c7e 100644 --- a/2021/37xxx/CVE-2021-37386.json +++ b/2021/37xxx/CVE-2021-37386.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-37386", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-37386", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cwe.mitre.org/data/definitions/79.html", + "refsource": "MISC", + "name": "https://cwe.mitre.org/data/definitions/79.html" + }, + { + "url": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection", + "refsource": "MISC", + "name": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection" + }, + { + "refsource": "MISC", + "name": "https://gist.githubusercontent.com/LuigiPolidorio/ec78daac7c3d97966f2e3703ca5d1685/raw/d64a487407d6f9685d3907206954a6c84c6fa621/reference.txt", + "url": "https://gist.githubusercontent.com/LuigiPolidorio/ec78daac7c3d97966f2e3703ca5d1685/raw/d64a487407d6f9685d3907206954a6c84c6fa621/reference.txt" } ] } diff --git a/2022/24xxx/CVE-2022-24715.json b/2022/24xxx/CVE-2022-24715.json index af549667709..c4cd93bf872 100644 --- a/2022/24xxx/CVE-2022-24715.json +++ b/2022/24xxx/CVE-2022-24715.json @@ -86,6 +86,11 @@ "refsource": "GENTOO", "name": "GLSA-202208-05", "url": "https://security.gentoo.org/glsa/202208-05" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/173516/Icinga-Web-2.10-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/173516/Icinga-Web-2.10-Remote-Code-Execution.html" } ] }, diff --git a/2022/36xxx/CVE-2022-36354.json b/2022/36xxx/CVE-2022-36354.json index e9c67f1d906..dae21c76f4d 100644 --- a/2022/36xxx/CVE-2022-36354.json +++ b/2022/36xxx/CVE-2022-36354.json @@ -62,24 +62,20 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1629", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1629" - }, - { - "url": "https://www.debian.org/security/2023/dsa-5384", - "refsource": "MISC", - "name": "https://www.debian.org/security/2023/dsa-5384" - }, - { - "url": "https://security.gentoo.org/glsa/202305-33", - "refsource": "MISC", - "name": "https://security.gentoo.org/glsa/202305-33" } ] }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Lilith >_> of Cisco Talos." + } + ], "impact": { "cvss": [ { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", diff --git a/2022/41xxx/CVE-2022-41981.json b/2022/41xxx/CVE-2022-41981.json index f2317763d38..ad99bc64a76 100644 --- a/2022/41xxx/CVE-2022-41981.json +++ b/2022/41xxx/CVE-2022-41981.json @@ -58,24 +58,20 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1628", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1628" - }, - { - "url": "https://www.debian.org/security/2023/dsa-5384", - "refsource": "MISC", - "name": "https://www.debian.org/security/2023/dsa-5384" - }, - { - "url": "https://security.gentoo.org/glsa/202305-33", - "refsource": "MISC", - "name": "https://security.gentoo.org/glsa/202305-33" } ] }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Lilith >_> of Cisco Talos." + } + ], "impact": { "cvss": [ { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", diff --git a/2023/28xxx/CVE-2023-28767.json b/2023/28xxx/CVE-2023-28767.json index eb96e541318..3155bb64247 100644 --- a/2023/28xxx/CVE-2023-28767.json +++ b/2023/28xxx/CVE-2023-28767.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28767", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@zyxel.com.tw", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions\u00a05.00 through 5.36,\u00a0 USG FLEX 50(W) series firmware versions 5.10 through 5.36, \n\nUSG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Zyxel", + "product": { + "product_data": [ + { + "product_name": "ATP series firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.10 through 5.36" + } + ] + } + }, + { + "product_name": "USG FLEX series firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.00 through 5.36" + } + ] + } + }, + { + "product_name": "USG FLEX 50(W) series firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.10 through 5.36" + } + ] + } + }, + { + "product_name": "USG20(W)-VPN series firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.10 through 5.36" + } + ] + } + }, + { + "product_name": "VPN series firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.00 through 5.36" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", + "refsource": "MISC", + "name": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/34xxx/CVE-2023-34669.json b/2023/34xxx/CVE-2023-34669.json index 87caff977d1..50bb4977c37 100644 --- a/2023/34xxx/CVE-2023-34669.json +++ b/2023/34xxx/CVE-2023-34669.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-34669", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-34669", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://w3b5h3ll.notion.site/w3b5h3ll/TOTOLINK-CP300-c96d775881f0476b9ef465dba9c6d9b8", + "refsource": "MISC", + "name": "https://w3b5h3ll.notion.site/w3b5h3ll/TOTOLINK-CP300-c96d775881f0476b9ef465dba9c6d9b8" } ] } diff --git a/2023/37xxx/CVE-2023-37269.json b/2023/37xxx/CVE-2023-37269.json index 7f4df34e6da..b8d377cd056 100644 --- a/2023/37xxx/CVE-2023-37269.json +++ b/2023/37xxx/CVE-2023-37269.json @@ -73,6 +73,11 @@ "url": "https://github.com/wintercms/winter/releases/tag/v1.2.3", "refsource": "MISC", "name": "https://github.com/wintercms/winter/releases/tag/v1.2.3" + }, + { + "url": "http://packetstormsecurity.com/files/173520/WinterCMS-1.2.2-Cross-Site-Scripting.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/173520/WinterCMS-1.2.2-Cross-Site-Scripting.html" } ] }, diff --git a/2023/37xxx/CVE-2023-37475.json b/2023/37xxx/CVE-2023-37475.json index 74a9a2a4046..2f98ab2e589 100644 --- a/2023/37xxx/CVE-2023-37475.json +++ b/2023/37xxx/CVE-2023-37475.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-37475", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial of service of the consumer of avro. The root cause of the issue is that avro uses part of the input to `Unmarshal()` to determine the size when creating a new slice and hence an attacker may consume arbitrary amounts of memory which in turn may cause the application to crash. This issue has been addressed in commit `b4a402f4` which has been included in release version `2.13.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "hamba", + "product": { + "product_data": [ + { + "product_name": "avro", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.13.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/hamba/avro/security/advisories/GHSA-9x44-9pgq-cf45", + "refsource": "MISC", + "name": "https://github.com/hamba/avro/security/advisories/GHSA-9x44-9pgq-cf45" + }, + { + "url": "https://github.com/hamba/avro/commit/b4a402f41cf44b6094b5131286830ba9bb1eb290", + "refsource": "MISC", + "name": "https://github.com/hamba/avro/commit/b4a402f41cf44b6094b5131286830ba9bb1eb290" + } + ] + }, + "source": { + "advisory": "GHSA-9x44-9pgq-cf45", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] }