From 9d05477a80709aac4026180556ad4d6438b39973 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 11 Apr 2023 20:01:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/33xxx/CVE-2022-33632.json | 4 - 2022/33xxx/CVE-2022-33644.json | 4 - 2022/41xxx/CVE-2022-41103.json | 4 - 2022/41xxx/CVE-2022-41104.json | 166 ++++++++++------------- 2022/41xxx/CVE-2022-41105.json | 4 - 2022/41xxx/CVE-2022-41106.json | 215 +++++++++++++----------------- 2022/41xxx/CVE-2022-41107.json | 4 - 2022/41xxx/CVE-2022-41109.json | 4 - 2022/41xxx/CVE-2022-41113.json | 4 - 2022/41xxx/CVE-2022-41114.json | 4 - 2022/41xxx/CVE-2022-41116.json | 4 - 2022/41xxx/CVE-2022-41118.json | 4 - 2022/41xxx/CVE-2022-41122.json | 4 - 2022/41xxx/CVE-2022-41125.json | 4 - 2022/44xxx/CVE-2022-44666.json | 4 - 2022/44xxx/CVE-2022-44667.json | 4 - 2022/44xxx/CVE-2022-44668.json | 4 - 2022/44xxx/CVE-2022-44669.json | 4 - 2022/44xxx/CVE-2022-44670.json | 4 - 2022/44xxx/CVE-2022-44671.json | 4 - 2022/44xxx/CVE-2022-44673.json | 4 - 2022/44xxx/CVE-2022-44674.json | 4 - 2022/44xxx/CVE-2022-44675.json | 4 - 2022/44xxx/CVE-2022-44676.json | 4 - 2022/44xxx/CVE-2022-44677.json | 4 - 2022/44xxx/CVE-2022-44678.json | 4 - 2022/44xxx/CVE-2022-44679.json | 4 - 2022/44xxx/CVE-2022-44680.json | 4 - 2022/44xxx/CVE-2022-44681.json | 4 - 2022/44xxx/CVE-2022-44682.json | 4 - 2022/44xxx/CVE-2022-44683.json | 4 - 2022/44xxx/CVE-2022-44688.json | 4 - 2022/44xxx/CVE-2022-44690.json | 4 - 2022/44xxx/CVE-2022-44691.json | 4 - 2022/44xxx/CVE-2022-44692.json | 4 - 2022/44xxx/CVE-2022-44693.json | 4 - 2022/44xxx/CVE-2022-44694.json | 4 - 2022/44xxx/CVE-2022-44695.json | 4 - 2022/44xxx/CVE-2022-44696.json | 4 - 2022/44xxx/CVE-2022-44697.json | 4 - 2022/44xxx/CVE-2022-44698.json | 4 - 2022/44xxx/CVE-2022-44707.json | 4 - 2022/44xxx/CVE-2022-44710.json | 4 - 2022/44xxx/CVE-2022-44713.json | 4 - 2022/47xxx/CVE-2022-47211.json | 4 - 2022/47xxx/CVE-2022-47212.json | 4 - 2022/47xxx/CVE-2022-47213.json | 4 - 2023/21xxx/CVE-2023-21528.json | 4 - 2023/21xxx/CVE-2023-21529.json | 4 - 2023/21xxx/CVE-2023-21553.json | 4 - 2023/21xxx/CVE-2023-21554.json | 237 ++++++++++++++++++++++++++++++++- 2023/21xxx/CVE-2023-21564.json | 4 - 2023/21xxx/CVE-2023-21708.json | 4 - 2023/21xxx/CVE-2023-21727.json | 237 ++++++++++++++++++++++++++++++++- 2023/21xxx/CVE-2023-21729.json | 237 ++++++++++++++++++++++++++++++++- 2023/21xxx/CVE-2023-21769.json | 237 ++++++++++++++++++++++++++++++++- 2023/23xxx/CVE-2023-23375.json | 100 +++++++++++++- 2023/23xxx/CVE-2023-23383.json | 4 - 2023/23xxx/CVE-2023-23384.json | 118 +++++++++++++++- 2023/23xxx/CVE-2023-23385.json | 4 - 2023/28xxx/CVE-2023-28260.json | 96 ++++++++++++- 2023/28xxx/CVE-2023-28262.json | 91 ++++++++++++- 2023/28xxx/CVE-2023-28263.json | 91 ++++++++++++- 2023/28xxx/CVE-2023-28266.json | 237 ++++++++++++++++++++++++++++++++- 2023/28xxx/CVE-2023-28285.json | 2 +- 2023/28xxx/CVE-2023-28309.json | 2 +- 2023/28xxx/CVE-2023-28314.json | 2 +- 67 files changed, 1802 insertions(+), 474 deletions(-) diff --git a/2022/33xxx/CVE-2022-33632.json b/2022/33xxx/CVE-2022-33632.json index 76e44cd5db6..ae98d31fa9e 100644 --- a/2022/33xxx/CVE-2022-33632.json +++ b/2022/33xxx/CVE-2022-33632.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Security Feature Bypass Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Security Feature Bypass Vulnerability" diff --git a/2022/33xxx/CVE-2022-33644.json b/2022/33xxx/CVE-2022-33644.json index d5a0ba6847e..aee07b67ec0 100644 --- a/2022/33xxx/CVE-2022-33644.json +++ b/2022/33xxx/CVE-2022-33644.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Xbox Live Save Service Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Xbox Live Save Service Elevation of Privilege Vulnerability" diff --git a/2022/41xxx/CVE-2022-41103.json b/2022/41xxx/CVE-2022-41103.json index 0ebf4b5e119..414dec64da5 100644 --- a/2022/41xxx/CVE-2022-41103.json +++ b/2022/41xxx/CVE-2022-41103.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Word Information Disclosure Vulnerability" - }, { "lang": "eng", "value": "Microsoft Word Information Disclosure Vulnerability" diff --git a/2022/41xxx/CVE-2022-41104.json b/2022/41xxx/CVE-2022-41104.json index 993f8157fca..0583b2913bc 100644 --- a/2022/41xxx/CVE-2022-41104.json +++ b/2022/41xxx/CVE-2022-41104.json @@ -1,105 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-41104", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Excel", - "version": { - "version_data": [ - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": "Microsoft Excel Security Feature Bypass Vulnerability." + "value": "Microsoft Excel Security Feature Bypass Vulnerability" } ] }, @@ -115,21 +27,77 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "https://aka.ms/OfficeSecurityReleases" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "https://aka.ms/OfficeSecurityReleases" + } + ] + } + }, + { + "product_name": "Microsoft Excel", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0.0", + "version_value": "16.0.5369.1000" + }, + { + "version_affected": "<", + "version_name": "15.0.0.0", + "version_value": "15.0.5501.1000" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41104", + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41104", "refsource": "MISC", - "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41104" + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41104" } ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", - "baseScore": "5.5", - "temporalScore": "4.8", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/41xxx/CVE-2022-41105.json b/2022/41xxx/CVE-2022-41105.json index f7a4dad7d28..0fe6b1304bc 100644 --- a/2022/41xxx/CVE-2022-41105.json +++ b/2022/41xxx/CVE-2022-41105.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Excel Information Disclosure Vulnerability" - }, { "lang": "eng", "value": "Microsoft Excel Information Disclosure Vulnerability" diff --git a/2022/41xxx/CVE-2022-41106.json b/2022/41xxx/CVE-2022-41106.json index c7434695f18..09d8873e2e8 100644 --- a/2022/41xxx/CVE-2022-41106.json +++ b/2022/41xxx/CVE-2022-41106.json @@ -1,125 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-41106", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Microsoft Office Online Server", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Excel", - "version": { - "version_data": [ - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - } - ] - } - }, - { - "product_name": "Microsoft Office Web Apps", - "version": { - "version_data": [ - { - "version_value": "Server 2013 Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { "lang": "eng", - "value": "Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41063." + "value": "Microsoft Excel Remote Code Execution Vulnerability" } ] }, @@ -135,26 +27,101 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "https://aka.ms/OfficeSecurityReleases" + } + ] + } + }, + { + "product_name": "Microsoft Office Online Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "16.0.10392.20000" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.1", + "version_value": "https://aka.ms/OfficeSecurityReleases" + } + ] + } + }, + { + "product_name": "Microsoft Excel", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0.0", + "version_value": "16.0.5369.1000" + }, + { + "version_affected": "<", + "version_name": "15.0.0.0", + "version_value": "15.0.5501.1000" + } + ] + } + }, + { + "product_name": "Microsoft Office Web Apps Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.1", + "version_value": "15.0.5501.1000" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41106", + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41106", "refsource": "MISC", - "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41106" - }, - { - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1591", - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1591" + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41106" } ] }, "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", - "baseScore": "7.8", - "temporalScore": "6.8", - "version": "3.1" - } + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 8.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2022/41xxx/CVE-2022-41107.json b/2022/41xxx/CVE-2022-41107.json index ef060b6f129..1484953ec44 100644 --- a/2022/41xxx/CVE-2022-41107.json +++ b/2022/41xxx/CVE-2022-41107.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" diff --git a/2022/41xxx/CVE-2022-41109.json b/2022/41xxx/CVE-2022-41109.json index a33739cd0e5..12349d35230 100644 --- a/2022/41xxx/CVE-2022-41109.json +++ b/2022/41xxx/CVE-2022-41109.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Win32k Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Win32k Elevation of Privilege Vulnerability" diff --git a/2022/41xxx/CVE-2022-41113.json b/2022/41xxx/CVE-2022-41113.json index c3ee96c9320..6c420157113 100644 --- a/2022/41xxx/CVE-2022-41113.json +++ b/2022/41xxx/CVE-2022-41113.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability" diff --git a/2022/41xxx/CVE-2022-41114.json b/2022/41xxx/CVE-2022-41114.json index 30421de33eb..405ad10cdff 100644 --- a/2022/41xxx/CVE-2022-41114.json +++ b/2022/41xxx/CVE-2022-41114.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Bind Filter Driver Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Bind Filter Driver Elevation of Privilege Vulnerability" diff --git a/2022/41xxx/CVE-2022-41116.json b/2022/41xxx/CVE-2022-41116.json index 25cccc20cc5..ed82f8e41e5 100644 --- a/2022/41xxx/CVE-2022-41116.json +++ b/2022/41xxx/CVE-2022-41116.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability" - }, { "lang": "eng", "value": "Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability" diff --git a/2022/41xxx/CVE-2022-41118.json b/2022/41xxx/CVE-2022-41118.json index 70cf81b9616..503d948af08 100644 --- a/2022/41xxx/CVE-2022-41118.json +++ b/2022/41xxx/CVE-2022-41118.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Scripting Languages Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Scripting Languages Remote Code Execution Vulnerability" diff --git a/2022/41xxx/CVE-2022-41122.json b/2022/41xxx/CVE-2022-41122.json index b8c49f0c7fc..162bd669b37 100644 --- a/2022/41xxx/CVE-2022-41122.json +++ b/2022/41xxx/CVE-2022-41122.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft SharePoint Server Spoofing Vulnerability" - }, { "lang": "eng", "value": "Microsoft SharePoint Server Spoofing Vulnerability" diff --git a/2022/41xxx/CVE-2022-41125.json b/2022/41xxx/CVE-2022-41125.json index 922383e7213..24971ab4b1c 100644 --- a/2022/41xxx/CVE-2022-41125.json +++ b/2022/41xxx/CVE-2022-41125.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows CNG Key Isolation Service Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows CNG Key Isolation Service Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44666.json b/2022/44xxx/CVE-2022-44666.json index 21dab7527e7..f084b3eee14 100644 --- a/2022/44xxx/CVE-2022-44666.json +++ b/2022/44xxx/CVE-2022-44666.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Contacts Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Contacts Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44667.json b/2022/44xxx/CVE-2022-44667.json index e4c0c3846cb..2ed0421b0e0 100644 --- a/2022/44xxx/CVE-2022-44667.json +++ b/2022/44xxx/CVE-2022-44667.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Media Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Media Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44668.json b/2022/44xxx/CVE-2022-44668.json index 80ad9db3a79..f5e1d8239f6 100644 --- a/2022/44xxx/CVE-2022-44668.json +++ b/2022/44xxx/CVE-2022-44668.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Media Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Media Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44669.json b/2022/44xxx/CVE-2022-44669.json index 4b72ae0045f..b11fc363469 100644 --- a/2022/44xxx/CVE-2022-44669.json +++ b/2022/44xxx/CVE-2022-44669.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Error Reporting Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Error Reporting Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44670.json b/2022/44xxx/CVE-2022-44670.json index ec7cbf98003..ce9b094495f 100644 --- a/2022/44xxx/CVE-2022-44670.json +++ b/2022/44xxx/CVE-2022-44670.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44671.json b/2022/44xxx/CVE-2022-44671.json index aefe627efb9..d820ba80cf8 100644 --- a/2022/44xxx/CVE-2022-44671.json +++ b/2022/44xxx/CVE-2022-44671.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Graphics Component Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Graphics Component Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44673.json b/2022/44xxx/CVE-2022-44673.json index 2ac72ce5a16..b3b878702bb 100644 --- a/2022/44xxx/CVE-2022-44673.json +++ b/2022/44xxx/CVE-2022-44673.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44674.json b/2022/44xxx/CVE-2022-44674.json index c4f800a6c27..53aba711988 100644 --- a/2022/44xxx/CVE-2022-44674.json +++ b/2022/44xxx/CVE-2022-44674.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Bluetooth Driver Information Disclosure Vulnerability" - }, { "lang": "eng", "value": "Windows Bluetooth Driver Information Disclosure Vulnerability" diff --git a/2022/44xxx/CVE-2022-44675.json b/2022/44xxx/CVE-2022-44675.json index d33b76a8242..c3eb2589dca 100644 --- a/2022/44xxx/CVE-2022-44675.json +++ b/2022/44xxx/CVE-2022-44675.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Bluetooth Driver Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Bluetooth Driver Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44676.json b/2022/44xxx/CVE-2022-44676.json index cbd1a9c57c9..bedbc25a338 100644 --- a/2022/44xxx/CVE-2022-44676.json +++ b/2022/44xxx/CVE-2022-44676.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44677.json b/2022/44xxx/CVE-2022-44677.json index c73694a068d..8875c5745f4 100644 --- a/2022/44xxx/CVE-2022-44677.json +++ b/2022/44xxx/CVE-2022-44677.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Projected File System Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Projected File System Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44678.json b/2022/44xxx/CVE-2022-44678.json index c96c8cef5f7..57cc1e8ef31 100644 --- a/2022/44xxx/CVE-2022-44678.json +++ b/2022/44xxx/CVE-2022-44678.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Print Spooler Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44679.json b/2022/44xxx/CVE-2022-44679.json index a38c53b7cfe..205ac1ad996 100644 --- a/2022/44xxx/CVE-2022-44679.json +++ b/2022/44xxx/CVE-2022-44679.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Graphics Component Information Disclosure Vulnerability" - }, { "lang": "eng", "value": "Windows Graphics Component Information Disclosure Vulnerability" diff --git a/2022/44xxx/CVE-2022-44680.json b/2022/44xxx/CVE-2022-44680.json index f7db99fa770..838a18fdfcb 100644 --- a/2022/44xxx/CVE-2022-44680.json +++ b/2022/44xxx/CVE-2022-44680.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Graphics Component Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Graphics Component Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44681.json b/2022/44xxx/CVE-2022-44681.json index 07df6048426..fba02504d8d 100644 --- a/2022/44xxx/CVE-2022-44681.json +++ b/2022/44xxx/CVE-2022-44681.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Print Spooler Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44682.json b/2022/44xxx/CVE-2022-44682.json index 8079e722701..207906a7961 100644 --- a/2022/44xxx/CVE-2022-44682.json +++ b/2022/44xxx/CVE-2022-44682.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Hyper-V Denial of Service Vulnerability" - }, { "lang": "eng", "value": "Windows Hyper-V Denial of Service Vulnerability" diff --git a/2022/44xxx/CVE-2022-44683.json b/2022/44xxx/CVE-2022-44683.json index 045fba73258..8056644ebfd 100644 --- a/2022/44xxx/CVE-2022-44683.json +++ b/2022/44xxx/CVE-2022-44683.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Kernel Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Kernel Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44688.json b/2022/44xxx/CVE-2022-44688.json index e8505749f24..72abda04e84 100644 --- a/2022/44xxx/CVE-2022-44688.json +++ b/2022/44xxx/CVE-2022-44688.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability" - }, { "lang": "eng", "value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability" diff --git a/2022/44xxx/CVE-2022-44690.json b/2022/44xxx/CVE-2022-44690.json index 5ecabc4ed2e..5c98399c9a9 100644 --- a/2022/44xxx/CVE-2022-44690.json +++ b/2022/44xxx/CVE-2022-44690.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft SharePoint Server Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft SharePoint Server Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44691.json b/2022/44xxx/CVE-2022-44691.json index f7309b3f843..b72d004ca2d 100644 --- a/2022/44xxx/CVE-2022-44691.json +++ b/2022/44xxx/CVE-2022-44691.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office OneNote Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office OneNote Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44692.json b/2022/44xxx/CVE-2022-44692.json index 936bd25c1e9..427a61268a7 100644 --- a/2022/44xxx/CVE-2022-44692.json +++ b/2022/44xxx/CVE-2022-44692.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44693.json b/2022/44xxx/CVE-2022-44693.json index 10bfb1c8227..e4971acab9c 100644 --- a/2022/44xxx/CVE-2022-44693.json +++ b/2022/44xxx/CVE-2022-44693.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft SharePoint Server Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft SharePoint Server Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44694.json b/2022/44xxx/CVE-2022-44694.json index 28d2f65f50c..399e2589089 100644 --- a/2022/44xxx/CVE-2022-44694.json +++ b/2022/44xxx/CVE-2022-44694.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Visio Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44695.json b/2022/44xxx/CVE-2022-44695.json index 4dbffc07f9c..aeb26beb92f 100644 --- a/2022/44xxx/CVE-2022-44695.json +++ b/2022/44xxx/CVE-2022-44695.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Visio Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44696.json b/2022/44xxx/CVE-2022-44696.json index 329ae3bdfc2..d055b24ff16 100644 --- a/2022/44xxx/CVE-2022-44696.json +++ b/2022/44xxx/CVE-2022-44696.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Visio Remote Code Execution Vulnerability" diff --git a/2022/44xxx/CVE-2022-44697.json b/2022/44xxx/CVE-2022-44697.json index 6ef70b2f6b9..2477e66a1bb 100644 --- a/2022/44xxx/CVE-2022-44697.json +++ b/2022/44xxx/CVE-2022-44697.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Graphics Component Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Graphics Component Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44698.json b/2022/44xxx/CVE-2022-44698.json index 8a4a6914a8f..4c23292914c 100644 --- a/2022/44xxx/CVE-2022-44698.json +++ b/2022/44xxx/CVE-2022-44698.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows SmartScreen Security Feature Bypass Vulnerability" - }, { "lang": "eng", "value": "Windows SmartScreen Security Feature Bypass Vulnerability" diff --git a/2022/44xxx/CVE-2022-44707.json b/2022/44xxx/CVE-2022-44707.json index 61a51f3fc73..7c509e6b91f 100644 --- a/2022/44xxx/CVE-2022-44707.json +++ b/2022/44xxx/CVE-2022-44707.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Kernel Denial of Service Vulnerability" - }, { "lang": "eng", "value": "Windows Kernel Denial of Service Vulnerability" diff --git a/2022/44xxx/CVE-2022-44710.json b/2022/44xxx/CVE-2022-44710.json index 1463bc0b384..6b2a001bb36 100644 --- a/2022/44xxx/CVE-2022-44710.json +++ b/2022/44xxx/CVE-2022-44710.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "DirectX Graphics Kernel Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "DirectX Graphics Kernel Elevation of Privilege Vulnerability" diff --git a/2022/44xxx/CVE-2022-44713.json b/2022/44xxx/CVE-2022-44713.json index a497fedde7c..4cf4c57bc91 100644 --- a/2022/44xxx/CVE-2022-44713.json +++ b/2022/44xxx/CVE-2022-44713.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Outlook for Mac Spoofing Vulnerability" - }, { "lang": "eng", "value": "Microsoft Outlook for Mac Spoofing Vulnerability" diff --git a/2022/47xxx/CVE-2022-47211.json b/2022/47xxx/CVE-2022-47211.json index a308f20ce18..a1625e79453 100644 --- a/2022/47xxx/CVE-2022-47211.json +++ b/2022/47xxx/CVE-2022-47211.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" diff --git a/2022/47xxx/CVE-2022-47212.json b/2022/47xxx/CVE-2022-47212.json index 421839768a6..f111eb7918b 100644 --- a/2022/47xxx/CVE-2022-47212.json +++ b/2022/47xxx/CVE-2022-47212.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" diff --git a/2022/47xxx/CVE-2022-47213.json b/2022/47xxx/CVE-2022-47213.json index 9b8a0bd1a2c..09b1c1983e4 100644 --- a/2022/47xxx/CVE-2022-47213.json +++ b/2022/47xxx/CVE-2022-47213.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" diff --git a/2023/21xxx/CVE-2023-21528.json b/2023/21xxx/CVE-2023-21528.json index 6e4231cfe89..f855cbfd60b 100644 --- a/2023/21xxx/CVE-2023-21528.json +++ b/2023/21xxx/CVE-2023-21528.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft SQL Server Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft SQL Server Remote Code Execution Vulnerability" diff --git a/2023/21xxx/CVE-2023-21529.json b/2023/21xxx/CVE-2023-21529.json index 399c507d237..673bdaa59f6 100644 --- a/2023/21xxx/CVE-2023-21529.json +++ b/2023/21xxx/CVE-2023-21529.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" diff --git a/2023/21xxx/CVE-2023-21553.json b/2023/21xxx/CVE-2023-21553.json index 5ce176963bf..9ae3116032e 100644 --- a/2023/21xxx/CVE-2023-21553.json +++ b/2023/21xxx/CVE-2023-21553.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Azure DevOps Server Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Azure DevOps Server Remote Code Execution Vulnerability" diff --git a/2023/21xxx/CVE-2023-21554.json b/2023/21xxx/CVE-2023-21554.json index 6d4a85069bf..38fee1e6508 100644 --- a/2023/21xxx/CVE-2023-21554.json +++ b/2023/21xxx/CVE-2023-21554.json @@ -1,17 +1,246 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21554", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Microsoft Message Queuing Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 1809", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.20348.1668" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19042.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22000.1817" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19044.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22621.1555" + } + ] + } + }, + { + "product_name": "Windows 10 Version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19045.2846" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1507", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.10240.19869" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1607", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.22015" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.1.0", + "version_value": "6.1.7601.26466" + }, + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26466" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24216" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20919" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "CRITICAL", + "baseScore": 9.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } ] } diff --git a/2023/21xxx/CVE-2023-21564.json b/2023/21xxx/CVE-2023-21564.json index 4baf677841d..2e1a6e992a0 100644 --- a/2023/21xxx/CVE-2023-21564.json +++ b/2023/21xxx/CVE-2023-21564.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Azure DevOps Server Cross-Site Scripting Vulnerability" - }, { "lang": "eng", "value": "Azure DevOps Server Cross-Site Scripting Vulnerability" diff --git a/2023/21xxx/CVE-2023-21708.json b/2023/21xxx/CVE-2023-21708.json index 26e1eea0807..49cf41bf0cb 100644 --- a/2023/21xxx/CVE-2023-21708.json +++ b/2023/21xxx/CVE-2023-21708.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability" - }, { "lang": "eng", "value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability" diff --git a/2023/21xxx/CVE-2023-21727.json b/2023/21xxx/CVE-2023-21727.json index 090033a32e1..a3e46299ef5 100644 --- a/2023/21xxx/CVE-2023-21727.json +++ b/2023/21xxx/CVE-2023-21727.json @@ -1,17 +1,246 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21727", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 1809", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.20348.1668" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19042.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22000.1817" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19044.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22621.1555" + } + ] + } + }, + { + "product_name": "Windows 10 Version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19045.2846" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1507", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.10240.19869" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1607", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.22015" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.1.0", + "version_value": "6.1.7601.26466" + }, + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26466" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24216" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20919" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21727", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21727" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 8.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" } ] } diff --git a/2023/21xxx/CVE-2023-21729.json b/2023/21xxx/CVE-2023-21729.json index 7b067f901ec..9c87f36fac3 100644 --- a/2023/21xxx/CVE-2023-21729.json +++ b/2023/21xxx/CVE-2023-21729.json @@ -1,17 +1,246 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21729", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Remote Procedure Call Runtime Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 1809", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.20348.1668" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19042.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22000.1817" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19044.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22621.1555" + } + ] + } + }, + { + "product_name": "Windows 10 Version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19045.2846" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1507", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.10240.19869" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1607", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.22015" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.1.0", + "version_value": "6.1.7601.26466" + }, + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26466" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24216" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20919" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 4.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/21xxx/CVE-2023-21769.json b/2023/21xxx/CVE-2023-21769.json index da1680418f3..52ad7119cd4 100644 --- a/2023/21xxx/CVE-2023-21769.json +++ b/2023/21xxx/CVE-2023-21769.json @@ -1,17 +1,246 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21769", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Microsoft Message Queuing Denial of Service Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 1809", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.20348.1668" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19042.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22000.1817" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19044.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22621.1555" + } + ] + } + }, + { + "product_name": "Windows 10 Version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19045.2846" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1507", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.10240.19869" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1607", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.22015" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.1.0", + "version_value": "6.1.7601.26466" + }, + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26466" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24216" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20919" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21769", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21769" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" } ] } diff --git a/2023/23xxx/CVE-2023-23375.json b/2023/23xxx/CVE-2023-23375.json index 494d8009e4b..5f8030d0125 100644 --- a/2023/23xxx/CVE-2023-23375.json +++ b/2023/23xxx/CVE-2023-23375.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft OLE DB Driver 18 for SQL Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "18.0.0", + "version_value": "18.6.5" + } + ] + } + }, + { + "product_name": "Microsoft OLE DB Driver 19 for SQL Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "19.0.0", + "version_value": "19.3.0" + } + ] + } + }, + { + "product_name": "Microsoft ODBC Driver 17 for SQL Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.0.0.0", + "version_value": "17.10.3.1" + } + ] + } + }, + { + "product_name": "Microsoft ODBC Driver 18 for SQL Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "18.0.0.0", + "version_value": "18.2.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23375", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23375" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" } ] } diff --git a/2023/23xxx/CVE-2023-23383.json b/2023/23xxx/CVE-2023-23383.json index 427a04e9731..ab34d3149e3 100644 --- a/2023/23xxx/CVE-2023-23383.json +++ b/2023/23xxx/CVE-2023-23383.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Service Fabric Explorer Spoofing Vulnerability" - }, { "lang": "eng", "value": "Service Fabric Explorer Spoofing Vulnerability" diff --git a/2023/23xxx/CVE-2023-23384.json b/2023/23xxx/CVE-2023-23384.json index fe82d311ded..635c01bcd06 100644 --- a/2023/23xxx/CVE-2023-23384.json +++ b/2023/23xxx/CVE-2023-23384.json @@ -1,17 +1,127 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23384", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Microsoft SQL Server Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft SQL Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.6814.4" + }, + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + }, + { + "version_affected": "<", + "version_name": "14.0.0", + "version_value": "14.0.2047.8" + }, + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6444.4" + }, + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.2101.7" + }, + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.6430.49" + }, + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.0.1050.5" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "14.0.0", + "version_value": "14.0.3460.9" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.4280.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23384", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23384" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C" } ] } diff --git a/2023/23xxx/CVE-2023-23385.json b/2023/23xxx/CVE-2023-23385.json index be83fff5610..ca7b062341f 100644 --- a/2023/23xxx/CVE-2023-23385.json +++ b/2023/23xxx/CVE-2023-23385.json @@ -9,10 +9,6 @@ }, "description": { "description_data": [ - { - "lang": "eng", - "value": "Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability" - }, { "lang": "eng", "value": "Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability" diff --git a/2023/28xxx/CVE-2023-28260.json b/2023/28xxx/CVE-2023-28260.json index a62b1e69630..75ecee0a494 100644 --- a/2023/28xxx/CVE-2023-28260.json +++ b/2023/28xxx/CVE-2023-28260.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28260", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": ".NET DLL Hijacking Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": ".NET", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.16" + }, + { + "version_affected": "<", + "version_name": "7.0.0", + "version_value": "7.0.5" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.5.0", + "version_value": "17.5.4" + }, + { + "version_affected": "<", + "version_name": "17.4.0", + "version_value": "17.4.7" + }, + { + "version_affected": "<", + "version_name": "17.2.0", + "version_value": "17.2.15" + }, + { + "version_affected": "<", + "version_name": "17.0.0", + "version_value": "17.0.21" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" } ] } diff --git a/2023/28xxx/CVE-2023-28262.json b/2023/28xxx/CVE-2023-28262.json index 3d6b40c12c8..4082ed9430f 100644 --- a/2023/28xxx/CVE-2023-28262.json +++ b/2023/28xxx/CVE-2023-28262.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28262", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visual Studio Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.2.0", + "version_value": "17.2.15" + }, + { + "version_affected": "<", + "version_name": "17.0.0", + "version_value": "17.0.21" + }, + { + "version_affected": "<", + "version_name": "17.4.0", + "version_value": "17.4.7" + }, + { + "version_affected": "<", + "version_name": "17.5.0", + "version_value": "17.5.4" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.11.0", + "version_value": "16.11.26" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28262", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28262" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" } ] } diff --git a/2023/28xxx/CVE-2023-28263.json b/2023/28xxx/CVE-2023-28263.json index 2cab5186bf3..affe7fe1632 100644 --- a/2023/28xxx/CVE-2023-28263.json +++ b/2023/28xxx/CVE-2023-28263.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visual Studio Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.2.0", + "version_value": "17.2.15" + }, + { + "version_affected": "<", + "version_name": "17.0.0", + "version_value": "17.0.21" + }, + { + "version_affected": "<", + "version_name": "17.4.0", + "version_value": "17.4.7" + }, + { + "version_affected": "<", + "version_name": "17.5.0", + "version_value": "17.5.4" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.11.0", + "version_value": "16.11.26" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28263", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28263" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C" } ] } diff --git a/2023/28xxx/CVE-2023-28266.json b/2023/28xxx/CVE-2023-28266.json index b2d724f5a8d..cf3aff2b26a 100644 --- a/2023/28xxx/CVE-2023-28266.json +++ b/2023/28xxx/CVE-2023-28266.json @@ -1,17 +1,246 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28266", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Windows Common Log File System Driver Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 1809", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4252" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.20348.1668" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19042.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22000.1817" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19044.2846" + } + ] + } + }, + { + "product_name": "Windows 11 version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.22621.1555" + } + ] + } + }, + { + "product_name": "Windows 10 Version 22H2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.19045.2846" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1507", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.10240.19869" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1607", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5850" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.22015" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.1.0", + "version_value": "6.1.7601.26466" + }, + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26466" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24216" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20919" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28266", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28266" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2023/28xxx/CVE-2023-28285.json b/2023/28xxx/CVE-2023-28285.json index 6364a44ea4e..0df008b6eea 100644 --- a/2023/28xxx/CVE-2023-28285.json +++ b/2023/28xxx/CVE-2023-28285.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Microsoft Office Remote Code Execution Vulnerability" + "value": "Microsoft Office Graphics Remote Code Execution Vulnerability" } ] }, diff --git a/2023/28xxx/CVE-2023-28309.json b/2023/28xxx/CVE-2023-28309.json index 4f6501eaa5d..7d48aba864d 100644 --- a/2023/28xxx/CVE-2023-28309.json +++ b/2023/28xxx/CVE-2023-28309.json @@ -53,7 +53,7 @@ { "version_affected": "<", "version_name": "9.1.0", - "version_value": "9.1.17.29" + "version_value": "9.1.XX.XX" } ] } diff --git a/2023/28xxx/CVE-2023-28314.json b/2023/28xxx/CVE-2023-28314.json index f06fc7954d0..01a21573753 100644 --- a/2023/28xxx/CVE-2023-28314.json +++ b/2023/28xxx/CVE-2023-28314.json @@ -53,7 +53,7 @@ { "version_affected": "<", "version_name": "9.1.0", - "version_value": "9.1.17.29" + "version_value": "9.1.XX.XX" } ] }