From 595d1c8bb22d5c93f398dfe5c37169ebe92fac92 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 10 Sep 2024 09:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/39xxx/CVE-2024-39580.json | 79 ++++- 2024/39xxx/CVE-2024-39581.json | 79 ++++- 2024/39xxx/CVE-2024-39583.json | 79 ++++- 2024/39xxx/CVE-2024-39613.json | 18 ++ 2024/42xxx/CVE-2024-42424.json | 79 ++++- 2024/42xxx/CVE-2024-42425.json | 79 ++++- 2024/43xxx/CVE-2024-43385.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43386.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43387.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43388.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43389.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43390.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43391.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43392.json | 513 ++++++++++++++++++++++++++++++++- 2024/43xxx/CVE-2024-43393.json | 513 ++++++++++++++++++++++++++++++++- 2024/45xxx/CVE-2024-45833.json | 18 ++ 2024/6xxx/CVE-2024-6596.json | 165 ++++++++++- 2024/6xxx/CVE-2024-6655.json | 6 + 2024/7xxx/CVE-2024-7698.json | 513 ++++++++++++++++++++++++++++++++- 2024/7xxx/CVE-2024-7699.json | 513 ++++++++++++++++++++++++++++++++- 2024/7xxx/CVE-2024-7734.json | 503 +++++++++++++++++++++++++++++++- 2024/8xxx/CVE-2024-8258.json | 110 ++++++- 2024/8xxx/CVE-2024-8645.json | 18 ++ 2024/8xxx/CVE-2024-8646.json | 18 ++ 24 files changed, 6817 insertions(+), 77 deletions(-) create mode 100644 2024/39xxx/CVE-2024-39613.json create mode 100644 2024/45xxx/CVE-2024-45833.json create mode 100644 2024/8xxx/CVE-2024-8645.json create mode 100644 2024/8xxx/CVE-2024-8646.json diff --git a/2024/39xxx/CVE-2024-39580.json b/2024/39xxx/CVE-2024-39580.json index a88dec7ad28..d9b7a84acd8 100644 --- a/2024/39xxx/CVE-2024-39580.json +++ b/2024/39xxx/CVE-2024-39580.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39580", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "PowerScale InsightIQ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0", + "version_value": "5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39581.json b/2024/39xxx/CVE-2024-39581.json index 7dd2be24066..67527d9a523 100644 --- a/2024/39xxx/CVE-2024-39581.json +++ b/2024/39xxx/CVE-2024-39581.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39581", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-552: Files or Directories Accessible to External Parties", + "cweId": "CWE-552" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "PowerScale InsightIQ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0", + "version_value": "5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39583.json b/2024/39xxx/CVE-2024-39583.json index f8dabc2136b..c1d68145a5a 100644 --- a/2024/39xxx/CVE-2024-39583.json +++ b/2024/39xxx/CVE-2024-39583.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39583", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "cweId": "CWE-327" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "PowerScale InsightIQ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0", + "version_value": "5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39613.json b/2024/39xxx/CVE-2024-39613.json new file mode 100644 index 00000000000..0d639a394a4 --- /dev/null +++ b/2024/39xxx/CVE-2024-39613.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-39613", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/42xxx/CVE-2024-42424.json b/2024/42xxx/CVE-2024-42424.json index 6ddae334ea9..8c8ed3c2812 100644 --- a/2024/42xxx/CVE-2024-42424.json +++ b/2024/42xxx/CVE-2024-42424.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42424", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "Dell Precision Rack BIOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "N/A", + "version_value": "2.22.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000227014/dsa-2024-327", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-us/000227014/dsa-2024-327" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42425.json b/2024/42xxx/CVE-2024-42425.json index 1bdd6ec00b6..b11c30be2df 100644 --- a/2024/42xxx/CVE-2024-42425.json +++ b/2024/42xxx/CVE-2024-42425.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-788: Access of Memory Location After End of Buffer", + "cweId": "CWE-788" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "Dell Precision Rack BIOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "N/A", + "version_value": "2.22.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000227015/dsa-2024-328", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-us/000227015/dsa-2024-328" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 3.8, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43385.json b/2024/43xxx/CVE-2024-43385.json index 31aa82586c8..5a88a919d58 100644 --- a/2024/43xxx/CVE-2024-43385.json +++ b/2024/43xxx/CVE-2024-43385.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43385", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78:Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43386.json b/2024/43xxx/CVE-2024-43386.json index 4ed4b457a53..210aa9d95f5 100644 --- a/2024/43xxx/CVE-2024-43386.json +++ b/2024/43xxx/CVE-2024-43386.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43386", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43387.json b/2024/43xxx/CVE-2024-43387.json index 069afbe25a4..54d36e979b8 100644 --- a/2024/43xxx/CVE-2024-43387.json +++ b/2024/43xxx/CVE-2024-43387.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43387", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43388.json b/2024/43xxx/CVE-2024-43388.json index 8fdec2667c7..b2434ec0ccd 100644 --- a/2024/43xxx/CVE-2024-43388.json +++ b/2024/43xxx/CVE-2024-43388.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43389.json b/2024/43xxx/CVE-2024-43389.json index 811d8e81540..42350a3d2f7 100644 --- a/2024/43xxx/CVE-2024-43389.json +++ b/2024/43xxx/CVE-2024-43389.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43389", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43390.json b/2024/43xxx/CVE-2024-43390.json index eb0a4eb27cd..993c56fdc5a 100644 --- a/2024/43xxx/CVE-2024-43390.json +++ b/2024/43xxx/CVE-2024-43390.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43390", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43391.json b/2024/43xxx/CVE-2024-43391.json index a272a88617c..9c868966ca0 100644 --- a/2024/43xxx/CVE-2024-43391.json +++ b/2024/43xxx/CVE-2024-43391.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43391", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43392.json b/2024/43xxx/CVE-2024-43392.json index 197f4884601..12099be7585 100644 --- a/2024/43xxx/CVE-2024-43392.json +++ b/2024/43xxx/CVE-2024-43392.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43392", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43393.json b/2024/43xxx/CVE-2024-43393.json index d28d79bed8a..ed6b3e95742 100644 --- a/2024/43xxx/CVE-2024-43393.json +++ b/2024/43xxx/CVE-2024-43393.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-43393", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/45xxx/CVE-2024-45833.json b/2024/45xxx/CVE-2024-45833.json new file mode 100644 index 00000000000..06ee4066119 --- /dev/null +++ b/2024/45xxx/CVE-2024-45833.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-45833", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6596.json b/2024/6xxx/CVE-2024-6596.json index c4b19aa740f..4154c628378 100644 --- a/2024/6xxx/CVE-2024-6596.json +++ b/2024/6xxx/CVE-2024-6596.json @@ -1,17 +1,174 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Endress+Hauser", + "product": { + "product_data": [ + { + "product_name": "Echo Curve Viewer", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "5.2.2.6" + } + ] + } + }, + { + "product_name": "FieldCare SFE500 Package USB", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "V1.40.00.7448" + } + ] + } + }, + { + "product_name": "FieldCare SFE500 Package Web-Package", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "V1.40.00.7448" + } + ] + } + }, + { + "product_name": "Field Xpert SMT50", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "SMT50_Win10_LTSC_21H2_v1.07.00_RC02_03" + } + ] + } + }, + { + "product_name": "Field Xpert SMT70", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "SMT70_Win10_LTSC_21H2_v1.07.00_RC02_01" + } + ] + } + }, + { + "product_name": "Field Xpert SMT77", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "SMT77_Win10_SAC_22H2_v1.08.04_RC03_02" + } + ] + } + }, + { + "product_name": "Field Xpert SMT79", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "V1.08.02-1.8.8684.34292" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-041", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-041" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-041", + "defect": [ + "CERT@VDE#641660" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Julian Renz" + }, + { + "lang": "en", + "value": "Endress+Hauser" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/6xxx/CVE-2024-6655.json b/2024/6xxx/CVE-2024-6655.json index 689d7ae0b7e..af22dc36755 100644 --- a/2024/6xxx/CVE-2024-6655.json +++ b/2024/6xxx/CVE-2024-6655.json @@ -113,6 +113,12 @@ "x_cve_json_5_version_data": { "defaultStatus": "affected" } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } } ] } diff --git a/2024/7xxx/CVE-2024-7698.json b/2024/7xxx/CVE-2024-7698.json index 0ed6df4df70..18fb08425de 100644 --- a/2024/7xxx/CVE-2024-7698.json +++ b/2024/7xxx/CVE-2024-7698.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7698", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A low privileged remote attacker can\u00a0get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer", + "cweId": "CWE-212" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/7xxx/CVE-2024-7699.json b/2024/7xxx/CVE-2024-7699.json index ef75702e743..152f755dadb 100644 --- a/2024/7xxx/CVE-2024-7699.json +++ b/2024/7xxx/CVE-2024-7699.json @@ -1,17 +1,522 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7699", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-039", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-039" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-039", + "defect": [ + "CERT@VDE#641656" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Andrea Palanca" + }, + { + "lang": "en", + "value": "Nozomi Networks Security Research Team" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/7xxx/CVE-2024-7734.json b/2024/7xxx/CVE-2024-7734.json index 82d05f57ab2..5d593a900e4 100644 --- a/2024/7xxx/CVE-2024-7734.json +++ b/2024/7xxx/CVE-2024-7734.json @@ -1,17 +1,512 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7734", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "info@cert.vde.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An unauthenticated remote attacker can\u00a0exploit the behavior of the\u00a0pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u00a0blocking of valid IPsec VPN peers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770 Allocation of Resources Without Limits or Throttling", + "cweId": "CWE-770" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHOENIX CONTACT", + "product": { + "product_data": [ + { + "product_name": "FL MGUARD 2102", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 2105", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCI", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4102 PCIE", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4302", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD 4305", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "10.4.1" + } + ] + } + }, + { + "product_name": "FL MGUARD CENTERPORT VPN-1000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD CORE TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD DELTA TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD GT/GT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCI4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD PCIE4000 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX-B", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS2005 TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-M", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX-P", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4000 TX/TX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD RS4004 TX/DTX VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "FL MGUARD SMART2 VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS2000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 3G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G ATT VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + }, + { + "product_name": "TC MGUARD RS4000 4G VZW VPN", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "8.9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-052", + "refsource": "MISC", + "name": "https://cert.vde.com/en/advisories/VDE-2024-052" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "VDE-2024-052", + "defect": [ + "CERT@VDE#641676" + ], + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" } ] } diff --git a/2024/8xxx/CVE-2024-8258.json b/2024/8xxx/CVE-2024-8258.json index 6ff799397af..f94429de6be 100644 --- a/2024/8xxx/CVE-2024-8258.json +++ b/2024/8xxx/CVE-2024-8258.json @@ -1,18 +1,118 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8258", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve-coordination@logitech.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Logitech", + "product": { + "product_data": [ + { + "product_name": "Logitech Options Plus", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "1.70", + "status": "affected", + "version": "1.60.496306", + "versionType": "semver" + }, + { + "status": "unaffected", + "version": "1.70" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.electronjs.org/docs/latest/tutorial/fuses", + "refsource": "MISC", + "name": "https://www.electronjs.org/docs/latest/tutorial/fuses" + }, + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50643", + "refsource": "MISC", + "name": "https://nvd.nist.gov/vuln/detail/CVE-2023-50643" + }, + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49314", + "refsource": "MISC", + "name": "https://nvd.nist.gov/vuln/detail/CVE-2023-49314" + }, + { + "url": "https://github.com/r3ggi/electroniz3r", + "refsource": "MISC", + "name": "https://github.com/r3ggi/electroniz3r" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

Update to Logitech Options Plus version 1.70 or later.


" + } + ], + "value": "Update to Logitech Options Plus version 1.70 or later." + } + ], + "credits": [ + { + "lang": "en", + "value": "Dave F - https://hackerone.com/dave23p" + } + ] } \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8645.json b/2024/8xxx/CVE-2024-8645.json new file mode 100644 index 00000000000..00b0dd92584 --- /dev/null +++ b/2024/8xxx/CVE-2024-8645.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8645", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8646.json b/2024/8xxx/CVE-2024-8646.json new file mode 100644 index 00000000000..035a8675cdf --- /dev/null +++ b/2024/8xxx/CVE-2024-8646.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8646", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file