admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 11:37:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-11-07 20:00:36 +00:00
parent afd60cf0ad
commit 5201fb5db0
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
14 changed files with 1716 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

761
2023/20xxx/CVE-2023-20198.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.\r\n\r For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory\u00a0\r\n\r Cisco will provide updates on the status of this investigation and when a software patch is available."
"value": "Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343."
}
]
},
@ -40,7 +40,747 @@
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
"version_value": "16.1.1"
},
{
"version_affected": "=",
"version_value": "16.1.2"
},
{
"version_affected": "=",
"version_value": "16.1.3"
},
{
"version_affected": "=",
"version_value": "16.2.1"
},
{
"version_affected": "=",
"version_value": "16.2.2"
},
{
"version_affected": "=",
"version_value": "16.3.1"
},
{
"version_affected": "=",
"version_value": "16.3.2"
},
{
"version_affected": "=",
"version_value": "16.3.3"
},
{
"version_affected": "=",
"version_value": "16.3.1a"
},
{
"version_affected": "=",
"version_value": "16.3.4"
},
{
"version_affected": "=",
"version_value": "16.3.5"
},
{
"version_affected": "=",
"version_value": "16.3.5b"
},
{
"version_affected": "=",
"version_value": "16.3.6"
},
{
"version_affected": "=",
"version_value": "16.3.7"
},
{
"version_affected": "=",
"version_value": "16.3.8"
},
{
"version_affected": "=",
"version_value": "16.3.9"
},
{
"version_affected": "=",
"version_value": "16.3.10"
},
{
"version_affected": "=",
"version_value": "16.3.11"
},
{
"version_affected": "=",
"version_value": "16.4.1"
},
{
"version_affected": "=",
"version_value": "16.4.2"
},
{
"version_affected": "=",
"version_value": "16.4.3"
},
{
"version_affected": "=",
"version_value": "16.5.1"
},
{
"version_affected": "=",
"version_value": "16.5.1a"
},
{
"version_affected": "=",
"version_value": "16.5.1b"
},
{
"version_affected": "=",
"version_value": "16.5.2"
},
{
"version_affected": "=",
"version_value": "16.5.3"
},
{
"version_affected": "=",
"version_value": "16.6.1"
},
{
"version_affected": "=",
"version_value": "16.6.2"
},
{
"version_affected": "=",
"version_value": "16.6.3"
},
{
"version_affected": "=",
"version_value": "16.6.4"
},
{
"version_affected": "=",
"version_value": "16.6.5"
},
{
"version_affected": "=",
"version_value": "16.6.4a"
},
{
"version_affected": "=",
"version_value": "16.6.5a"
},
{
"version_affected": "=",
"version_value": "16.6.6"
},
{
"version_affected": "=",
"version_value": "16.6.7"
},
{
"version_affected": "=",
"version_value": "16.6.8"
},
{
"version_affected": "=",
"version_value": "16.6.9"
},
{
"version_affected": "=",
"version_value": "16.6.10"
},
{
"version_affected": "=",
"version_value": "16.7.1"
},
{
"version_affected": "=",
"version_value": "16.7.1a"
},
{
"version_affected": "=",
"version_value": "16.7.1b"
},
{
"version_affected": "=",
"version_value": "16.7.2"
},
{
"version_affected": "=",
"version_value": "16.7.3"
},
{
"version_affected": "=",
"version_value": "16.7.4"
},
{
"version_affected": "=",
"version_value": "16.8.1"
},
{
"version_affected": "=",
"version_value": "16.8.1a"
},
{
"version_affected": "=",
"version_value": "16.8.1b"
},
{
"version_affected": "=",
"version_value": "16.8.1s"
},
{
"version_affected": "=",
"version_value": "16.8.1c"
},
{
"version_affected": "=",
"version_value": "16.8.1d"
},
{
"version_affected": "=",
"version_value": "16.8.2"
},
{
"version_affected": "=",
"version_value": "16.8.1e"
},
{
"version_affected": "=",
"version_value": "16.8.3"
},
{
"version_affected": "=",
"version_value": "16.9.1"
},
{
"version_affected": "=",
"version_value": "16.9.2"
},
{
"version_affected": "=",
"version_value": "16.9.1a"
},
{
"version_affected": "=",
"version_value": "16.9.1b"
},
{
"version_affected": "=",
"version_value": "16.9.1s"
},
{
"version_affected": "=",
"version_value": "16.9.3"
},
{
"version_affected": "=",
"version_value": "16.9.4"
},
{
"version_affected": "=",
"version_value": "16.9.3a"
},
{
"version_affected": "=",
"version_value": "16.9.5"
},
{
"version_affected": "=",
"version_value": "16.9.5f"
},
{
"version_affected": "=",
"version_value": "16.9.6"
},
{
"version_affected": "=",
"version_value": "16.9.7"
},
{
"version_affected": "=",
"version_value": "16.9.8"
},
{
"version_affected": "=",
"version_value": "16.10.1"
},
{
"version_affected": "=",
"version_value": "16.10.1a"
},
{
"version_affected": "=",
"version_value": "16.10.1b"
},
{
"version_affected": "=",
"version_value": "16.10.1s"
},
{
"version_affected": "=",
"version_value": "16.10.1c"
},
{
"version_affected": "=",
"version_value": "16.10.1e"
},
{
"version_affected": "=",
"version_value": "16.10.1d"
},
{
"version_affected": "=",
"version_value": "16.10.2"
},
{
"version_affected": "=",
"version_value": "16.10.1f"
},
{
"version_affected": "=",
"version_value": "16.10.1g"
},
{
"version_affected": "=",
"version_value": "16.10.3"
},
{
"version_affected": "=",
"version_value": "16.11.1"
},
{
"version_affected": "=",
"version_value": "16.11.1a"
},
{
"version_affected": "=",
"version_value": "16.11.1b"
},
{
"version_affected": "=",
"version_value": "16.11.2"
},
{
"version_affected": "=",
"version_value": "16.11.1s"
},
{
"version_affected": "=",
"version_value": "16.12.1"
},
{
"version_affected": "=",
"version_value": "16.12.1s"
},
{
"version_affected": "=",
"version_value": "16.12.1a"
},
{
"version_affected": "=",
"version_value": "16.12.1c"
},
{
"version_affected": "=",
"version_value": "16.12.1w"
},
{
"version_affected": "=",
"version_value": "16.12.2"
},
{
"version_affected": "=",
"version_value": "16.12.1y"
},
{
"version_affected": "=",
"version_value": "16.12.2a"
},
{
"version_affected": "=",
"version_value": "16.12.3"
},
{
"version_affected": "=",
"version_value": "16.12.8"
},
{
"version_affected": "=",
"version_value": "16.12.2s"
},
{
"version_affected": "=",
"version_value": "16.12.1x"
},
{
"version_affected": "=",
"version_value": "16.12.1t"
},
{
"version_affected": "=",
"version_value": "16.12.4"
},
{
"version_affected": "=",
"version_value": "16.12.3s"
},
{
"version_affected": "=",
"version_value": "16.12.3a"
},
{
"version_affected": "=",
"version_value": "16.12.4a"
},
{
"version_affected": "=",
"version_value": "16.12.5"
},
{
"version_affected": "=",
"version_value": "16.12.6"
},
{
"version_affected": "=",
"version_value": "16.12.1z1"
},
{
"version_affected": "=",
"version_value": "16.12.5a"
},
{
"version_affected": "=",
"version_value": "16.12.5b"
},
{
"version_affected": "=",
"version_value": "16.12.1z2"
},
{
"version_affected": "=",
"version_value": "16.12.6a"
},
{
"version_affected": "=",
"version_value": "16.12.7"
},
{
"version_affected": "=",
"version_value": "16.12.9"
},
{
"version_affected": "=",
"version_value": "16.12.10"
},
{
"version_affected": "=",
"version_value": "17.1.1"
},
{
"version_affected": "=",
"version_value": "17.1.1a"
},
{
"version_affected": "=",
"version_value": "17.1.1s"
},
{
"version_affected": "=",
"version_value": "17.1.1t"
},
{
"version_affected": "=",
"version_value": "17.1.3"
},
{
"version_affected": "=",
"version_value": "17.2.1"
},
{
"version_affected": "=",
"version_value": "17.2.1r"
},
{
"version_affected": "=",
"version_value": "17.2.1a"
},
{
"version_affected": "=",
"version_value": "17.2.1v"
},
{
"version_affected": "=",
"version_value": "17.2.2"
},
{
"version_affected": "=",
"version_value": "17.2.3"
},
{
"version_affected": "=",
"version_value": "17.3.1"
},
{
"version_affected": "=",
"version_value": "17.3.2"
},
{
"version_affected": "=",
"version_value": "17.3.3"
},
{
"version_affected": "=",
"version_value": "17.3.1a"
},
{
"version_affected": "=",
"version_value": "17.3.1w"
},
{
"version_affected": "=",
"version_value": "17.3.2a"
},
{
"version_affected": "=",
"version_value": "17.3.1x"
},
{
"version_affected": "=",
"version_value": "17.3.1z"
},
{
"version_affected": "=",
"version_value": "17.3.4"
},
{
"version_affected": "=",
"version_value": "17.3.5"
},
{
"version_affected": "=",
"version_value": "17.3.4a"
},
{
"version_affected": "=",
"version_value": "17.3.6"
},
{
"version_affected": "=",
"version_value": "17.3.4b"
},
{
"version_affected": "=",
"version_value": "17.3.4c"
},
{
"version_affected": "=",
"version_value": "17.3.5a"
},
{
"version_affected": "=",
"version_value": "17.3.5b"
},
{
"version_affected": "=",
"version_value": "17.3.7"
},
{
"version_affected": "=",
"version_value": "17.3.8"
},
{
"version_affected": "=",
"version_value": "17.4.1"
},
{
"version_affected": "=",
"version_value": "17.4.2"
},
{
"version_affected": "=",
"version_value": "17.4.1a"
},
{
"version_affected": "=",
"version_value": "17.4.1b"
},
{
"version_affected": "=",
"version_value": "17.4.2a"
},
{
"version_affected": "=",
"version_value": "17.5.1"
},
{
"version_affected": "=",
"version_value": "17.5.1a"
},
{
"version_affected": "=",
"version_value": "17.5.1b"
},
{
"version_affected": "=",
"version_value": "17.5.1c"
},
{
"version_affected": "=",
"version_value": "17.6.1"
},
{
"version_affected": "=",
"version_value": "17.6.2"
},
{
"version_affected": "=",
"version_value": "17.6.1w"
},
{
"version_affected": "=",
"version_value": "17.6.1a"
},
{
"version_affected": "=",
"version_value": "17.6.1x"
},
{
"version_affected": "=",
"version_value": "17.6.3"
},
{
"version_affected": "=",
"version_value": "17.6.1y"
},
{
"version_affected": "=",
"version_value": "17.6.1z"
},
{
"version_affected": "=",
"version_value": "17.6.3a"
},
{
"version_affected": "=",
"version_value": "17.6.4"
},
{
"version_affected": "=",
"version_value": "17.6.1z1"
},
{
"version_affected": "=",
"version_value": "17.6.5"
},
{
"version_affected": "=",
"version_value": "17.6.6"
},
{
"version_affected": "=",
"version_value": "17.7.1"
},
{
"version_affected": "=",
"version_value": "17.7.1a"
},
{
"version_affected": "=",
"version_value": "17.7.1b"
},
{
"version_affected": "=",
"version_value": "17.7.2"
},
{
"version_affected": "=",
"version_value": "17.10.1"
},
{
"version_affected": "=",
"version_value": "17.10.1a"
},
{
"version_affected": "=",
"version_value": "17.10.1b"
},
{
"version_affected": "=",
"version_value": "17.8.1"
},
{
"version_affected": "=",
"version_value": "17.8.1a"
},
{
"version_affected": "=",
"version_value": "17.9.1"
},
{
"version_affected": "=",
"version_value": "17.9.1w"
},
{
"version_affected": "=",
"version_value": "17.9.2"
},
{
"version_affected": "=",
"version_value": "17.9.1a"
},
{
"version_affected": "=",
"version_value": "17.9.1x"
},
{
"version_affected": "=",
"version_value": "17.9.1y"
},
{
"version_affected": "=",
"version_value": "17.9.3"
},
{
"version_affected": "=",
"version_value": "17.9.2a"
},
{
"version_affected": "=",
"version_value": "17.9.1x1"
},
{
"version_affected": "=",
"version_value": "17.9.3a"
},
{
"version_affected": "=",
"version_value": "17.9.4"
},
{
"version_affected": "=",
"version_value": "17.9.1y1"
},
{
"version_affected": "=",
"version_value": "17.11.1"
},
{
"version_affected": "=",
"version_value": "17.11.1a"
},
{
"version_affected": "=",
"version_value": "17.12.1"
},
{
"version_affected": "=",
"version_value": "17.12.1a"
},
{
"version_affected": "=",
"version_value": "17.11.99SW"
}
]
}
@ -57,21 +797,6 @@
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z"
},
{
"url": "https://arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/",
"refsource": "MISC",
"name": "https://arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/"
},
{
"url": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit",
"refsource": "MISC",
"name": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit"
},
{
"url": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities",
"refsource": "MISC",
"name": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities"
}
]
},
@ -85,7 +810,7 @@
"exploit": [
{
"lang": "en",
"value": "Cisco is aware of active exploitation of this vulnerability."
"value": "Cisco is aware of active exploitation of these vulnerabilities."
}
],
"impact": {

78
2023/20xxx/CVE-2023-20273.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
"value": "A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
}
]
},
@ -38,6 +38,46 @@
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "16.1.1"
},
{
"version_affected": "=",
"version_value": "16.1.2"
},
{
"version_affected": "=",
"version_value": "16.1.3"
},
{
"version_affected": "=",
"version_value": "16.2.1"
},
{
"version_affected": "=",
"version_value": "16.2.2"
},
{
"version_affected": "=",
"version_value": "16.3.1"
},
{
"version_affected": "=",
"version_value": "16.3.2"
},
{
"version_affected": "=",
"version_value": "16.3.3"
},
{
"version_affected": "=",
"version_value": "16.3.1a"
},
{
"version_affected": "=",
"version_value": "16.3.4"
},
{
"version_affected": "=",
"version_value": "16.3.5"
@ -70,6 +110,42 @@
"version_affected": "=",
"version_value": "16.3.11"
},
{
"version_affected": "=",
"version_value": "16.4.1"
},
{
"version_affected": "=",
"version_value": "16.4.2"
},
{
"version_affected": "=",
"version_value": "16.4.3"
},
{
"version_affected": "=",
"version_value": "16.5.1"
},
{
"version_affected": "=",
"version_value": "16.5.1a"
},
{
"version_affected": "=",
"version_value": "16.5.1b"
},
{
"version_affected": "=",
"version_value": "16.5.2"
},
{
"version_affected": "=",
"version_value": "16.5.3"
},
{
"version_affected": "=",
"version_value": "16.6.1"
},
{
"version_affected": "=",
"version_value": "16.6.2"

4
2023/37xxx/CVE-2023-37835.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-37835",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-45396. Reason: This record is a duplicate of CVE-2023-45396. Notes: All CVE users should reference CVE-2023-45396 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
]
}

86
2023/46xxx/CVE-2023-46242.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46242",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xwiki",
"product": {
"product_data": [
{
"product_name": "xwiki-platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.0, < 14.10.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hgpw-6p4h-j6h5",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hgpw-6p4h-j6h5"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/cf8eb861998ea423c3645d2e5e974420b0e882be",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/commit/cf8eb861998ea423c3645d2e5e974420b0e882be"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20386",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20386"
}
]
},
"source": {
"advisory": "GHSA-hgpw-6p4h-j6h5",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.7,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

86
2023/46xxx/CVE-2023-46243.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46243",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execute any content with the right of an existing document's content author, provided the user have edit right on it. A crafted URL of the form ` /xwiki/bin/edit//?content=%7B%7Bgroovy%7D%7Dprintln%28%22Hello+from+Groovy%21%22%29%7B%7B%2Fgroovy%7D%7D&xpage=view` can be used to execute arbitrary groovy code on the server. This vulnerability has been patched in XWiki versions 14.10.6 and 15.2RC1. Users are advised to update. There are no known workarounds for this issue. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xwiki",
"product": {
"product_data": [
{
"product_name": "xwiki-platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.0, < 14.10.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g2qq-c5j9-5w5w",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g2qq-c5j9-5w5w"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/a0e6ca083b36be6f183b9af33ae735c1e02010f4",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/commit/a0e6ca083b36be6f183b9af33ae735c1e02010f4"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20385",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20385"
}
]
},
"source": {
"advisory": "GHSA-g2qq-c5j9-5w5w",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

96
2023/46xxx/CVE-2023-46244.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46244",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to write a script in which any velocity content is executed with the right of any other document content author. Since this API require programming right and the user does not have it, the expected result is `$doc.document.authors.contentAuthor` (not executed script), unfortunately with the security vulnerability it is possible for the attacker to get `XWiki.superadmin` which shows that the title was executed with the right of the unmodified document. This has been patched in XWiki versions 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xwiki",
"product": {
"product_data": [
{
"product_name": "xwiki-platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 3.2-milestone-3, < 14.10.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmxw-c48h-2vf5",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmxw-c48h-2vf5"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/11a9170dfe63e59f4066db67f84dbfce4ed619c6",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/commit/11a9170dfe63e59f4066db67f84dbfce4ed619c6"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/41d7dca2d30084966ca6a7ee537f39ee8354a7e3",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/commit/41d7dca2d30084966ca6a7ee537f39ee8354a7e3"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20624",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20624"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20625",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20625"
}
]
},
"source": {
"advisory": "GHSA-rmxw-c48h-2vf5",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

76
2023/46xxx/CVE-2023-46252.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46252",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Squidex is an open source headless CMS and content management hub. Affected versions are missing origin verification in a postMessage handler which introduces a Cross-Site Scripting (XSS) vulnerability. The editor-sdk.js file defines three different class-like functions, which employ a global message event listener: SquidexSidebar, SquidexWidget, and SquidexFormField. The registered event listener takes some action based on the type of the received message. For example, when the SquidexFormField receives a message with the type valueChanged, the value property is updated. The SquidexFormField class is for example used in the editor-editorjs.html file, which can be accessed via the public wwwroot folder. It uses the onValueChanged method to register a callback function, which passes the value provided from the message event to the editor.render. Passing an attacker-controlled value to this function introduces a Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Squidex",
"product": {
"product_data": [
{
"product_name": "squidex",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 7.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/Squidex/squidex/security/advisories/GHSA-7q4f-fprr-5jw8",
"refsource": "MISC",
"name": "https://github.com/Squidex/squidex/security/advisories/GHSA-7q4f-fprr-5jw8"
}
]
},
"source": {
"advisory": "GHSA-7q4f-fprr-5jw8",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
]
}

18
2023/47xxx/CVE-2023-47166.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47166",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

200
2023/4xxx/CVE-2023-4154.json
View File

@ -1,17 +1,209 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4154",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "samba",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.1",
"status": "unaffected"
},
{
"version": "4.18.8",
"status": "unaffected"
},
{
"version": "4.17.12",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Storage 3",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4154",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4154"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241883",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2241883"
},
{
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15424",
"refsource": "MISC",
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15424"
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-4154.html",
"refsource": "MISC",
"name": "https://www.samba.org/samba/security/CVE-2023-4154.html"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

111
2023/4xxx/CVE-2023-4956.json
View File

@ -1,17 +1,120 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4956",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerable to clickjacking. This flaw allows an attacker to trick an administrator user into clicking on buttons on the config-editor panel, possibly reconfiguring some parts of the Quay instance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Interface (UI) Misrepresentation of Critical Information",
"cweId": "CWE-451"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "quay",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Quay 3",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4956",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4956"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238886",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2238886"
}
]
},
"work_around": [
{
"lang": "en",
"value": "It is recommended to configure the webserver to perform the inclusion of the X-Frame-Options: Deny header."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Oleg Sushchenko (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

84
2023/5xxx/CVE-2023-5309.json
View File

@ -1,17 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5309",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@perforce.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5\u00a0contain a flaw which results in broken session management for SAML implementations. \n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384 Session Fixation",
"cweId": "CWE-384"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Puppet",
"product": {
"product_data": [
{
"product_name": "Puppet Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2021.7.0",
"version_value": "2021.7.6"
},
{
"version_affected": "<",
"version_name": "2023.0.0",
"version_value": "2023.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.puppet.com/security/cve/cve-2023-5309-broken-session-management-puppet-enterprise",
"refsource": "MISC",
"name": "https://www.puppet.com/security/cve/cve-2023-5309-broken-session-management-puppet-enterprise"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}

75
2023/5xxx/CVE-2023-5818.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5818",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8.1. This is due to missing or incorrect nonce validation on the amazonifyOptionsPage() function. This makes it possible for unauthenticated attackers to update the plugins settings, including the Amazon Tracking ID, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "garykeorkunian",
"product": {
"product_data": [
{
"product_name": "Amazonify",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "0.8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33f3c466-bdeb-402f-bf34-bc703f35e1e2?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33f3c466-bdeb-402f-bf34-bc703f35e1e2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ala Arfaoui"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

80
2023/5xxx/CVE-2023-5819.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5819",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Amazonify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. However, please note that this can also be combined with CVE-2023-5818 for CSRF to XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "garykeorkunian",
"product": {
"product_data": [
{
"product_name": "Amazonify",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "0.8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/41adfb58-d79f-40a3-8a7e-f3f08f64659f?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/41adfb58-d79f-40a3-8a7e-f3f08f64659f?source=cve"
},
{
"url": "https://wordpress.org/plugins/amazonify/",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/amazonify/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ala Arfaoui"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
}
]
}

18
2023/5xxx/CVE-2023-5999.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}