From 4dd132163db164c0a25b8310cb5639f4a4879206 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 21 May 2025 22:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/34xxx/CVE-2025-34027.json | 78 +++++++++++++++++++++-- 2025/47xxx/CVE-2025-47942.json | 86 ++++++++++++++++++++++++-- 2025/5xxx/CVE-2025-5052.json | 109 +++++++++++++++++++++++++++++++-- 2025/5xxx/CVE-2025-5053.json | 109 +++++++++++++++++++++++++++++++-- 2025/5xxx/CVE-2025-5069.json | 18 ++++++ 2025/5xxx/CVE-2025-5070.json | 18 ++++++ 6 files changed, 401 insertions(+), 17 deletions(-) create mode 100644 2025/5xxx/CVE-2025-5069.json create mode 100644 2025/5xxx/CVE-2025-5070.json diff --git a/2025/34xxx/CVE-2025-34027.json b/2025/34xxx/CVE-2025-34027.json index 0a4937389f6..bf6fbf45550 100644 --- a/2025/34xxx/CVE-2025-34027.json +++ b/2025/34xxx/CVE-2025-34027.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-34027", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use (TOCTOU) write in combination with a race condition to achieve remote code execution via path loading manipulation, allowing an unauthenticated actor to achieve remote code execution (RCE).This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", + "cweId": "CWE-362" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-287 Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Versa", + "product": { + "product_data": [ + { + "product_name": "Concerto", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "12.1.2", + "version_value": "12.2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce", + "refsource": "MISC", + "name": "https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "ProjectDiscovery" + } + ] } \ No newline at end of file diff --git a/2025/47xxx/CVE-2025-47942.json b/2025/47xxx/CVE-2025-47942.json index 2be6582d840..631696f308b 100644 --- a/2025/47xxx/CVE-2025-47942.json +++ b/2025/47xxx/CVE-2025-47942.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-47942", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the python_lib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course problems. This potentially affects any course using custom Python-graded problem blocks. The openedx/configuration repo has had a patch since 2016 in the form of an nginx rule, but this was only intended as a temporary mitigation. As the configuration repo has been deprecated and we have not been able to locate any similar protection in Tutor, it is likely that most deployments have no protection against python_lib.zip being downloaded. The recommended mitigation, implemented in commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, restricts python_lib.zip downloads to just the course team and site staff/superusers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862: Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "openedx", + "product": { + "product_data": [ + { + "product_name": "edx-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openedx/edx-platform/security/advisories/GHSA-x5cm-2hpq-pw57", + "refsource": "MISC", + "name": "https://github.com/openedx/edx-platform/security/advisories/GHSA-x5cm-2hpq-pw57" + }, + { + "url": "https://github.com/openedx/edx-platform/commit/6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba", + "refsource": "MISC", + "name": "https://github.com/openedx/edx-platform/commit/6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba" + }, + { + "url": "https://github.com/edx/configuration/blob/3471fc036a6664cedd3e2d78403dca73bc1cda51/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/python_lib.zip.j2", + "refsource": "MISC", + "name": "https://github.com/edx/configuration/blob/3471fc036a6664cedd3e2d78403dca73bc1cda51/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/python_lib.zip.j2" + } + ] + }, + "source": { + "advisory": "GHSA-x5cm-2hpq-pw57", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/5xxx/CVE-2025-5052.json b/2025/5xxx/CVE-2025-5052.json index 99294d67b34..06a83839ebb 100644 --- a/2025/5xxx/CVE-2025-5052.json +++ b/2025/5xxx/CVE-2025-5052.json @@ -1,17 +1,118 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-5052", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In FreeFloat FTP Server 1.0 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente LS Command Handler. Dank Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Overflow", + "cweId": "CWE-120" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FreeFloat", + "product": { + "product_data": [ + { + "product_name": "FTP Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.309871", + "refsource": "MISC", + "name": "https://vuldb.com/?id.309871" + }, + { + "url": "https://vuldb.com/?ctiid.309871", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.309871" + }, + { + "url": "https://vuldb.com/?submit.581284", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.581284" + }, + { + "url": "https://fitoxs.com/exploit/exploit-bbcf0f842f1c5385430b6992995a8eb068c58dfbaae38ffb7df1d2c69041bc7c1.txt", + "refsource": "MISC", + "name": "https://fitoxs.com/exploit/exploit-bbcf0f842f1c5385430b6992995a8eb068c58dfbaae38ffb7df1d2c69041bc7c1.txt" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Fernando Mengali (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/5xxx/CVE-2025-5053.json b/2025/5xxx/CVE-2025-5053.json index f023057334c..9170741651a 100644 --- a/2025/5xxx/CVE-2025-5053.json +++ b/2025/5xxx/CVE-2025-5053.json @@ -1,17 +1,118 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-5053", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine kritische Schwachstelle wurde in FreeFloat FTP Server 1.0 entdeckt. Dies betrifft einen unbekannten Teil der Komponente MDIR Command Handler. Mit der Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Overflow", + "cweId": "CWE-120" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FreeFloat", + "product": { + "product_data": [ + { + "product_name": "FTP Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.309872", + "refsource": "MISC", + "name": "https://vuldb.com/?id.309872" + }, + { + "url": "https://vuldb.com/?ctiid.309872", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.309872" + }, + { + "url": "https://vuldb.com/?submit.581285", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.581285" + }, + { + "url": "https://fitoxs.com/exploit/exploit-844fd54e7c56f8d038fc23d799cbff05d37452bc15f9a7203808d082de4a475f.txt", + "refsource": "MISC", + "name": "https://fitoxs.com/exploit/exploit-844fd54e7c56f8d038fc23d799cbff05d37452bc15f9a7203808d082de4a475f.txt" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Fernando Mengali (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/5xxx/CVE-2025-5069.json b/2025/5xxx/CVE-2025-5069.json new file mode 100644 index 00000000000..8666608b0cc --- /dev/null +++ b/2025/5xxx/CVE-2025-5069.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-5069", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/5xxx/CVE-2025-5070.json b/2025/5xxx/CVE-2025-5070.json new file mode 100644 index 00000000000..dacdd9074dd --- /dev/null +++ b/2025/5xxx/CVE-2025-5070.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-5070", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file