admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-05-25 19:00:35 +00:00
parent 3b90fea9fd
commit 937723e811
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
2 changed files with 174 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
2023/26xxx/CVE-2023-26215.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26215",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@tibco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attacker with low-privileged application access to read system files that are accessible to the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Any application user can potentially read files that would normally only be accessible by server administrators."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TIBCO Software Inc.",
"product": {
"product_data": [
{
"product_name": "TIBCO EBX Add-ons",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "4.5.16"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.tibco.com/services/support/advisories",
"refsource": "MISC",
"name": "https://www.tibco.com/services/support/advisories"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>TIBCO has released updated versions of the affected components which address these issues.</p><p>TIBCO EBX Add-ons versions 4.5.16 and below: update to version 4.5.17 or later</p>"
}
],
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO EBX Add-ons versions 4.5.16 and below: update to version 4.5.17 or later\n\n"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

91
2023/26xxx/CVE-2023-26216.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26216",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@tibco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that allows an attacker to upload files to a directory accessible by the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application administrator without access to the underlying server could upload files that may be evaluated by the web server allowing them to perform actions with the privileges of the web server."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TIBCO Software Inc.",
"product": {
"product_data": [
{
"product_name": "TIBCO EBX Add-ons",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "4.5.16"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.tibco.com/services/support/advisories",
"refsource": "MISC",
"name": "https://www.tibco.com/services/support/advisories"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>TIBCO has released updated versions of the affected components which address these issues.</p><p>TIBCO EBX Add-ons versions 4.5.16 and below: update to version 4.5.17 or later</p>"
}
],
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO EBX Add-ons versions 4.5.16 and below: update to version 4.5.17 or later\n\n"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}