diff --git a/2022/21xxx/CVE-2022-21957.json b/2022/21xxx/CVE-2022-21957.json index 8289c537524..a24c112a35d 100644 --- a/2022/21xxx/CVE-2022-21957.json +++ b/2022/21xxx/CVE-2022-21957.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability" + "value": "Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability" } ] }, diff --git a/2022/21xxx/CVE-2022-21965.json b/2022/21xxx/CVE-2022-21965.json index 7fb111824bc..959c4ceb2af 100644 --- a/2022/21xxx/CVE-2022-21965.json +++ b/2022/21xxx/CVE-2022-21965.json @@ -1,60 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-21965", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Teams for iOS", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Teams for Android", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Teams Admin Center", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": "Microsoft Teams Denial of Service Vulnerability." + "value": "Microsoft Teams Denial of Service Vulnerability" } ] }, @@ -70,6 +27,55 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Teams for iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.0.0", + "version_value": "2.5.0" + } + ] + } + }, + { + "product_name": "Microsoft Teams for Android", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.0.0", + "version_value": "1416/1.0.0.2021040701" + } + ] + } + }, + { + "product_name": "Microsoft Teams Admin Center", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.0.0", + "version_value": "publication" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -80,11 +86,13 @@ ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", - "baseScore": "7.5", - "temporalScore": "6.5", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21968.json b/2022/21xxx/CVE-2022-21968.json index 503f97b1c72..8457e95bafa 100644 --- a/2022/21xxx/CVE-2022-21968.json +++ b/2022/21xxx/CVE-2022-21968.json @@ -101,7 +101,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/21xxx/CVE-2022-21973.json b/2022/21xxx/CVE-2022-21973.json index de7464654f6..a11ae209694 100644 --- a/2022/21xxx/CVE-2022-21973.json +++ b/2022/21xxx/CVE-2022-21973.json @@ -137,7 +137,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/21xxx/CVE-2022-21975.json b/2022/21xxx/CVE-2022-21975.json index 476c1c0ba87..2dc8e40b1a0 100644 --- a/2022/21xxx/CVE-2022-21975.json +++ b/2022/21xxx/CVE-2022-21975.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1586" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -245,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/21xxx/CVE-2022-21977.json b/2022/21xxx/CVE-2022-21977.json index 1af0de5eaa6..86613e1d470 100644 --- a/2022/21xxx/CVE-2022-21977.json +++ b/2022/21xxx/CVE-2022-21977.json @@ -257,7 +257,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/21xxx/CVE-2022-21990.json b/2022/21xxx/CVE-2022-21990.json index 92462259d2e..524da859df8 100644 --- a/2022/21xxx/CVE-2022-21990.json +++ b/2022/21xxx/CVE-2022-21990.json @@ -82,18 +82,6 @@ ] } }, - { - "product_name": "Remote Desktop client for Windows Desktop", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.2.0.0", - "version_value": "1.2.2925.0" - } - ] - } - }, { "product_name": "Windows 10 Version 21H1", "version": { diff --git a/2022/22xxx/CVE-2022-22006.json b/2022/22xxx/CVE-2022-22006.json index 0af276a6801..ca5ac68349b 100644 --- a/2022/22xxx/CVE-2022-22006.json +++ b/2022/22xxx/CVE-2022-22006.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/22xxx/CVE-2022-22010.json b/2022/22xxx/CVE-2022-22010.json index 0018a7a5981..f73b4486dab 100644 --- a/2022/22xxx/CVE-2022-22010.json +++ b/2022/22xxx/CVE-2022-22010.json @@ -281,7 +281,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23253.json b/2022/23xxx/CVE-2022-23253.json index be62f341c43..8797b679c34 100644 --- a/2022/23xxx/CVE-2022-23253.json +++ b/2022/23xxx/CVE-2022-23253.json @@ -329,7 +329,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23277.json b/2022/23xxx/CVE-2022-23277.json index 6cdb284eaaa..369d897ab9a 100644 --- a/2022/23xxx/CVE-2022-23277.json +++ b/2022/23xxx/CVE-2022-23277.json @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.027" } ] @@ -64,7 +64,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.027" } ] @@ -113,7 +113,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23278.json b/2022/23xxx/CVE-2022-23278.json index 3a9e9688e68..51d8c592c6d 100644 --- a/2022/23xxx/CVE-2022-23278.json +++ b/2022/23xxx/CVE-2022-23278.json @@ -125,7 +125,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23281.json b/2022/23xxx/CVE-2022-23281.json index 448489181e1..c91e03a872a 100644 --- a/2022/23xxx/CVE-2022-23281.json +++ b/2022/23xxx/CVE-2022-23281.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/23xxx/CVE-2022-23297.json b/2022/23xxx/CVE-2022-23297.json index dbf1a4bb18b..3c2092a9550 100644 --- a/2022/23xxx/CVE-2022-23297.json +++ b/2022/23xxx/CVE-2022-23297.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24462.json b/2022/24xxx/CVE-2022-24462.json index 6b0e71addee..65407de5586 100644 --- a/2022/24xxx/CVE-2022-24462.json +++ b/2022/24xxx/CVE-2022-24462.json @@ -89,7 +89,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24463.json b/2022/24xxx/CVE-2022-24463.json index b01f2275854..9d273af73cf 100644 --- a/2022/24xxx/CVE-2022-24463.json +++ b/2022/24xxx/CVE-2022-24463.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.027" } ] @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.027" } ] @@ -101,7 +101,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24465.json b/2022/24xxx/CVE-2022-24465.json index 169d838be40..208bcebb3d6 100644 --- a/2022/24xxx/CVE-2022-24465.json +++ b/2022/24xxx/CVE-2022-24465.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24501.json b/2022/24xxx/CVE-2022-24501.json index 5e3d343841a..3bfec6b995b 100644 --- a/2022/24xxx/CVE-2022-24501.json +++ b/2022/24xxx/CVE-2022-24501.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24502.json b/2022/24xxx/CVE-2022-24502.json index feed93c1fd4..bef6d3cdf86 100644 --- a/2022/24xxx/CVE-2022-24502.json +++ b/2022/24xxx/CVE-2022-24502.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24503.json b/2022/24xxx/CVE-2022-24503.json index d96f202d2d4..6b83e85f33a 100644 --- a/2022/24xxx/CVE-2022-24503.json +++ b/2022/24xxx/CVE-2022-24503.json @@ -82,18 +82,6 @@ ] } }, - { - "product_name": "Remote Desktop client for Windows Desktop", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.2.0.0", - "version_value": "1.2.2925.0" - } - ] - } - }, { "product_name": "Windows 10 Version 21H1", "version": { @@ -341,7 +329,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24506.json b/2022/24xxx/CVE-2022-24506.json index d1c496a1a5c..ed8fbfa0597 100644 --- a/2022/24xxx/CVE-2022-24506.json +++ b/2022/24xxx/CVE-2022-24506.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24511.json b/2022/24xxx/CVE-2022-24511.json index f9943f11e2c..e83a78e2e0c 100644 --- a/2022/24xxx/CVE-2022-24511.json +++ b/2022/24xxx/CVE-2022-24511.json @@ -106,18 +106,6 @@ ] } }, - { - "product_name": "Microsoft Word 2013 RT Service Pack 1", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "15.0.1", - "version_value": "15.0.5431.1000" - } - ] - } - }, { "product_name": "Microsoft Word 2013 Service Pack 1", "version": { @@ -161,7 +149,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24512.json b/2022/24xxx/CVE-2022-24512.json index 2172159dde7..88031d012e1 100644 --- a/2022/24xxx/CVE-2022-24512.json +++ b/2022/24xxx/CVE-2022-24512.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24515.json b/2022/24xxx/CVE-2022-24515.json index 97b30d97244..c5cfe8c0807 100644 --- a/2022/24xxx/CVE-2022-24515.json +++ b/2022/24xxx/CVE-2022-24515.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24518.json b/2022/24xxx/CVE-2022-24518.json index 675afde6f9f..d76284711e1 100644 --- a/2022/24xxx/CVE-2022-24518.json +++ b/2022/24xxx/CVE-2022-24518.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24519.json b/2022/24xxx/CVE-2022-24519.json index 1cb6b7308e3..e56386e79ef 100644 --- a/2022/24xxx/CVE-2022-24519.json +++ b/2022/24xxx/CVE-2022-24519.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24522.json b/2022/24xxx/CVE-2022-24522.json index f78150e7823..8038f9af681 100644 --- a/2022/24xxx/CVE-2022-24522.json +++ b/2022/24xxx/CVE-2022-24522.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/24xxx/CVE-2022-24526.json b/2022/24xxx/CVE-2022-24526.json index 185fedc4116..589db509cc4 100644 --- a/2022/24xxx/CVE-2022-24526.json +++ b/2022/24xxx/CVE-2022-24526.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26814.json b/2022/26xxx/CVE-2022-26814.json index 05e5c8848ba..fe6991da7af 100644 --- a/2022/26xxx/CVE-2022-26814.json +++ b/2022/26xxx/CVE-2022-26814.json @@ -149,7 +149,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26816.json b/2022/26xxx/CVE-2022-26816.json index f3e28388407..231d4676b72 100644 --- a/2022/26xxx/CVE-2022-26816.json +++ b/2022/26xxx/CVE-2022-26816.json @@ -125,7 +125,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26817.json b/2022/26xxx/CVE-2022-26817.json index 7b17d606c28..d0dec03b14d 100644 --- a/2022/26xxx/CVE-2022-26817.json +++ b/2022/26xxx/CVE-2022-26817.json @@ -149,7 +149,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26818.json b/2022/26xxx/CVE-2022-26818.json index 9ec2775cc79..a74dea38aac 100644 --- a/2022/26xxx/CVE-2022-26818.json +++ b/2022/26xxx/CVE-2022-26818.json @@ -149,7 +149,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26819.json b/2022/26xxx/CVE-2022-26819.json index fb81521a7fc..685527d8516 100644 --- a/2022/26xxx/CVE-2022-26819.json +++ b/2022/26xxx/CVE-2022-26819.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26820.json b/2022/26xxx/CVE-2022-26820.json index 4a453ec0c74..85c2e3fea9f 100644 --- a/2022/26xxx/CVE-2022-26820.json +++ b/2022/26xxx/CVE-2022-26820.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26821.json b/2022/26xxx/CVE-2022-26821.json index cccf1add25a..8ca6ea26b08 100644 --- a/2022/26xxx/CVE-2022-26821.json +++ b/2022/26xxx/CVE-2022-26821.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26822.json b/2022/26xxx/CVE-2022-26822.json index a7900daed14..fc58de0a51a 100644 --- a/2022/26xxx/CVE-2022-26822.json +++ b/2022/26xxx/CVE-2022-26822.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26829.json b/2022/26xxx/CVE-2022-26829.json index c174fdc37c3..e3d1f11b27d 100644 --- a/2022/26xxx/CVE-2022-26829.json +++ b/2022/26xxx/CVE-2022-26829.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26832.json b/2022/26xxx/CVE-2022-26832.json index fee3f201f3f..53391081722 100644 --- a/2022/26xxx/CVE-2022-26832.json +++ b/2022/26xxx/CVE-2022-26832.json @@ -1,569 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-26832", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.5.2", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2012", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows RT 8.1", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 2.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5", - "version": { - "version_data": [ - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5.1", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": ".NET Framework Denial of Service Vulnerability." + "value": ".NET Framework Denial of Service Vulnerability" } ] }, @@ -579,6 +27,151 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft .NET Framework 3.5 AND 4.8", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.8.0", + "version_value": "4.8.4494.03" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.5.2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.0.0.0", + "version_value": "4.0.52732.36732" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.0.0.0", + "version_value": "4.7.03930.02" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.8", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.8.0", + "version_value": "4.8.04494.03" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5 AND 4.7.2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.7.0", + "version_value": "4.7.3930.02" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.0.0.0", + "version_value": "10.0.14393.5066" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "4.0.0.0", + "version_value": "4.0.52732.36732" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 2.0 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.0.0", + "version_value": "2.0.50727.8962" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.0 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.0.0", + "version_value": "2.0.50727.8962" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.5.0", + "version_value": "publication" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5.1", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "3.5.0", + "version_value": "50727.8962" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -589,11 +182,13 @@ ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", - "baseScore": "7.5", - "temporalScore": "6.5", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/26xxx/CVE-2022-26896.json b/2022/26xxx/CVE-2022-26896.json index c3ab53fe3f0..504f71767c6 100644 --- a/2022/26xxx/CVE-2022-26896.json +++ b/2022/26xxx/CVE-2022-26896.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26897.json b/2022/26xxx/CVE-2022-26897.json index 8cbeed0f2af..d863468dcc3 100644 --- a/2022/26xxx/CVE-2022-26897.json +++ b/2022/26xxx/CVE-2022-26897.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26899.json b/2022/26xxx/CVE-2022-26899.json index a9fbc88326b..e7406e0f31d 100644 --- a/2022/26xxx/CVE-2022-26899.json +++ b/2022/26xxx/CVE-2022-26899.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26907.json b/2022/26xxx/CVE-2022-26907.json index 92402cfeba6..0bf2dd4c8d9 100644 --- a/2022/26xxx/CVE-2022-26907.json +++ b/2022/26xxx/CVE-2022-26907.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26909.json b/2022/26xxx/CVE-2022-26909.json index 1d7f68ecf70..2f70ccd366e 100644 --- a/2022/26xxx/CVE-2022-26909.json +++ b/2022/26xxx/CVE-2022-26909.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "MEDIUM", + "baseSeverity": "HIGH", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26910.json b/2022/26xxx/CVE-2022-26910.json index 01354f17505..9e71f08d1ad 100644 --- a/2022/26xxx/CVE-2022-26910.json +++ b/2022/26xxx/CVE-2022-26910.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26911.json b/2022/26xxx/CVE-2022-26911.json index c5abed1236f..8b8c37a5027 100644 --- a/2022/26xxx/CVE-2022-26911.json +++ b/2022/26xxx/CVE-2022-26911.json @@ -89,7 +89,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26912.json b/2022/26xxx/CVE-2022-26912.json index 83ec62eb20e..d019a973ae0 100644 --- a/2022/26xxx/CVE-2022-26912.json +++ b/2022/26xxx/CVE-2022-26912.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "MEDIUM", + "baseSeverity": "HIGH", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26919.json b/2022/26xxx/CVE-2022-26919.json index 3a3e528f993..ef2afc64958 100644 --- a/2022/26xxx/CVE-2022-26919.json +++ b/2022/26xxx/CVE-2022-26919.json @@ -365,7 +365,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2022/26xxx/CVE-2022-26920.json b/2022/26xxx/CVE-2022-26920.json index 0413ede5018..27537194c5c 100644 --- a/2022/26xxx/CVE-2022-26920.json +++ b/2022/26xxx/CVE-2022-26920.json @@ -173,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2022/29xxx/CVE-2022-29146.json b/2022/29xxx/CVE-2022-29146.json index 67db19af2e9..8347e5083b2 100644 --- a/2022/29xxx/CVE-2022-29146.json +++ b/2022/29xxx/CVE-2022-29146.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "MEDIUM", + "baseSeverity": "HIGH", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2023/28xxx/CVE-2023-28025.json b/2023/28xxx/CVE-2023-28025.json index 428bfe9db68..db0ab1d7e55 100644 --- a/2023/28xxx/CVE-2023-28025.json +++ b/2023/28xxx/CVE-2023-28025.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@hcl.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage. \n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HCL Software", + "product": { + "product_data": [ + { + "product_name": "HCL BigFix Mobile / Modern Client Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109318", + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109318" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/7xxx/CVE-2023-7021.json b/2023/7xxx/CVE-2023-7021.json index dfd8070373b..32846de1914 100644 --- a/2023/7xxx/CVE-2023-7021.json +++ b/2023/7xxx/CVE-2023-7021.json @@ -1,17 +1,140 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7021", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Tongda OA 2017 bis 11.9 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei general/vehicle/checkup/delete_search.php. Dank Manipulation des Arguments VU_ID mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tongda", + "product": { + "product_data": [ + { + "product_name": "OA 2017", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.0" + }, + { + "version_affected": "=", + "version_value": "11.1" + }, + { + "version_affected": "=", + "version_value": "11.2" + }, + { + "version_affected": "=", + "version_value": "11.3" + }, + { + "version_affected": "=", + "version_value": "11.4" + }, + { + "version_affected": "=", + "version_value": "11.5" + }, + { + "version_affected": "=", + "version_value": "11.6" + }, + { + "version_affected": "=", + "version_value": "11.7" + }, + { + "version_affected": "=", + "version_value": "11.8" + }, + { + "version_affected": "=", + "version_value": "11.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.248568", + "refsource": "MISC", + "name": "https://vuldb.com/?id.248568" + }, + { + "url": "https://vuldb.com/?ctiid.248568", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.248568" + }, + { + "url": "https://github.com/qq956801985/cve/blob/main/sql.md", + "refsource": "MISC", + "name": "https://github.com/qq956801985/cve/blob/main/sql.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "ZhuChangxing (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }