admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-08 20:00:35 +00:00
parent 7ba4ccc4fe
commit 7d6493b6f2
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
20 changed files with 2022 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

255
2024/29xxx/CVE-2024-29082.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29082",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper access control vulnerability affecting Vonets\n\n industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 \nand prior, enables an unauthenticated remote attacker to bypass \nauthentication and factory reset the device via unprotected goform \nendpoints."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
]
}

255
2024/37xxx/CVE-2024-37023.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-37023",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple OS command injection vulnerabilities affecting Vonets \n\n industrial wifi bridge relays and wifi bridge repeaters, software \nversions 3.3.23.6.9 and prior, enable an authenticated remote attacker \nto execute arbitrary OS commands via various endpoint parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Command Injection",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

255
2024/39xxx/CVE-2024-39791.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39791",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Stack-based buffer overflow vulnerabilities affecting Vonets\n\n\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions \n3.3.23.6.9 and prior, enable an unauthenticated remote attacker to \nexecute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

255
2024/39xxx/CVE-2024-39815.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39815",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper check or handling of exceptional conditions vulnerability \naffecting Vonets\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated \nremote attacker to cause a denial of service. A specially-crafted \nHTTP request to pre-authentication resources can crash the service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703",
"cweId": "CWE-703"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

61
2024/40xxx/CVE-2024-40476.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40476",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental Management System v1.0. This could lead to an attacker tricking the administrator into adding/modifying/deleting valid tenant data via a crafted HTML page, as demonstrated by a Delete Tenant action at the /rental/ajax.php?action=delete_tenant."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/Sourcecodester/Best%20House%20Rental%20Management%20System%20v1.0/CSRF.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Sourcecodester/Best%20House%20Rental%20Management%20System%20v1.0/CSRF.pdf"
}
]
}

61
2024/40xxx/CVE-2024-40477.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40477",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability in \"/oahms/admin/forgot-password.php\" in PHPGurukul Old Age Home Management System v1.0 allows an attacker to execute arbitrary SQL commands via the \"email\" parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/",
"refsource": "MISC",
"name": "https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/SQL%20Injection.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/SQL%20Injection.pdf"
}
]
}

56
2024/40xxx/CVE-2024-40481.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40481",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross Site Scripting (XSS) vulnerability was found in \"/admin/view-enquiry.php\" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page \"message\" parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Stored%20XSS.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Stored%20XSS.pdf"
}
]
}

56
2024/40xxx/CVE-2024-40482.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40482",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Unrestricted file upload vulnerability was found in \"/Membership/edit_member.php\" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/Unrestricted%20File%20Upload.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/Unrestricted%20File%20Upload.pdf"
}
]
}

56
2024/40xxx/CVE-2024-40484.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40484",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in \"/oahms/search.php\" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the \"searchdata\" parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Reflected%20XSS.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Reflected%20XSS.pdf"
}
]
}

61
2024/40xxx/CVE-2024-40486.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability in \"/index.php\" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.kashipara.com/project/php/12997/live-membership-system-in-php-php-project-source-code",
"refsource": "MISC",
"name": "https://www.kashipara.com/project/php/12997/live-membership-system-in-php-php-project-source-code"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/SQL%20Injection.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/SQL%20Injection.pdf"
}
]
}

61
2024/40xxx/CVE-2024-40487.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40487",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross Site Scripting (XSS) vulnerability was found in \"/view_type.php\" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.kashipara.com/project/php/12997/live-membership-system-in-php-php-project-source-code",
"refsource": "MISC",
"name": "https://www.kashipara.com/project/php/12997/live-membership-system-in-php-php-project-source-code"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/Stored%20XSS.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/Stored%20XSS.pdf"
}
]
}

61
2024/40xxx/CVE-2024-40488.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40488",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /delete_members.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://capec.mitre.org/data/definitions/62.html",
"refsource": "MISC",
"name": "https://capec.mitre.org/data/definitions/62.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/CSRF.pdf",
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Live%20Membership%20System%20v1.0/CSRF.pdf"
}
]
}

2
2024/41xxx/CVE-2024-41161.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions \n3.3.23.6.9 and prior, enables an unauthenticated remote attacker to \nbypass authentication using hard-coded administrator credentials. These \naccounts cannot be disabled."
"value": "Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions \n3.3.23.6.9 and prior, enables an unauthenticated remote attacker to \nbypass authentication using hard-coded administrator credentials. These \naccounts cannot be disabled."
}
]
},

255
2024/41xxx/CVE-2024-41936.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41936",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 \nand prior, enables an unauthenticated remote attacker to read arbitrary \nfiles and bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Path Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

255
2024/42xxx/CVE-2024-42001.json
View File

@ -1,17 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper authentication vulnerability affecting Vonets\n\n\n\n\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions \n3.3.23.6.9 and prior enables an unauthenticated remote attacker to \nbypass authentication via a specially crafted direct request when \nanother user has an active session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-425 Forced Browsing",
"cweId": "CWE-425"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vonets",
"product": {
"product_data": [
{
"product_name": "VAR1200-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR1200-L",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR600-H",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11AC",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VBG1200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S-5G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11S",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAR11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11N-300",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VAP11G-500",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
},
{
"product_name": "VGA-1000",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.3.23.6.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSA-24-214-08",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\">Vonets support</a> for additional information.\n\n<br>"
}
],
"value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com for additional information."
}
],
"credits": [
{
"lang": "en",
"value": "Wodzen reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
]
}

18
2024/43xxx/CVE-2024-43205.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/43xxx/CVE-2024-43206.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43206",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7625.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7626.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7627.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}