From a1ff92dbb91a2dc5351e069a09ba4310caf97ceb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 25 Jul 2023 08:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/0xxx/CVE-2022-0828.json | 147 +++++++++++++++-------------- 2022/0xxx/CVE-2022-0837.json | 149 +++++++++++++++-------------- 2022/1xxx/CVE-2022-1412.json | 156 ++++++++++++++++-------------- 2022/1xxx/CVE-2022-1551.json | 147 +++++++++++++++-------------- 2022/2xxx/CVE-2022-2083.json | 168 ++++++++++++++++++--------------- 2023/21xxx/CVE-2023-21405.json | 152 ++++++++++++++++++++++++++++- 2023/21xxx/CVE-2023-21406.json | 77 ++++++++++++++- 2023/34xxx/CVE-2023-34189.json | 61 +++++++++++- 2023/34xxx/CVE-2023-34434.json | 69 +++++++++++++- 2023/35xxx/CVE-2023-35088.json | 61 +++++++++++- 2023/3xxx/CVE-2023-3886.json | 96 ++++++++++++++++++- 2023/3xxx/CVE-2023-3887.json | 96 ++++++++++++++++++- 2023/3xxx/CVE-2023-3888.json | 96 ++++++++++++++++++- 13 files changed, 1080 insertions(+), 395 deletions(-) diff --git a/2022/0xxx/CVE-2022-0828.json b/2022/0xxx/CVE-2022-0828.json index 3e31f213937..bb799e21e07 100644 --- a/2022/0xxx/CVE-2022-0828.json +++ b/2022/0xxx/CVE-2022-0828.json @@ -1,75 +1,80 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-0828", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Download Manager < 3.2.39 - Unauthenticated brute force of files master key" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Download Manager", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.2.39", - "version_value": "3.2.39" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb", - "name": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-326 Inadequate Encryption Strength", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-0828", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download." + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Download Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.2.34" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Diogo Real" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Diogo Real" - } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2022/0xxx/CVE-2022-0837.json b/2022/0xxx/CVE-2022-0837.json index e5d7d6648d2..0cf58c0bfa2 100644 --- a/2022/0xxx/CVE-2022-0837.json +++ b/2022/0xxx/CVE-2022-0837.json @@ -1,75 +1,80 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-0837", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Amelia < 1.0.48 - Customer+ SMS Service Abuse and Sensitive Data Disclosure" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Amelia – Events & Appointments Booking Calendar", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.0.48", - "version_value": "1.0.48" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious actor can abuse this vulnerability to drain out the account balance by keep sending SMS notification." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a", - "name": "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-863 Incorrect Authorization", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-0837", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious actor can abuse this vulnerability to drain out the account balance by keep sending SMS notification." + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Amelia", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "1.0.48" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Huli from Cymetrics" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huli from Cymetrics" - } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1412.json b/2022/1xxx/CVE-2022-1412.json index a8b2ec6ec88..f0fcf415f6e 100644 --- a/2022/1xxx/CVE-2022-1412.json +++ b/2022/1xxx/CVE-2022-1412.json @@ -1,75 +1,89 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-1412", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Log WP_Mail <= 0.1 - Email Logs Publicly Accessible" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Log WP_Mail", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "0.1", - "version_value": "0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/ee10f21f-4476-4f3d-85ed-94d438c61ec2", - "name": "https://wpscan.com/vulnerability/ee10f21f-4476-4f3d-85ed-94d438c61ec2" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-200 Information Exposure", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-1412", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords." + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732 Incorrect Permission Assignment for Critical Resource" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Log WP_Mail", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "0.1" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/ee10f21f-4476-4f3d-85ed-94d438c61ec2", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/ee10f21f-4476-4f3d-85ed-94d438c61ec2" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Daniel Ruf" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Daniel Ruf" - } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1551.json b/2022/1xxx/CVE-2022-1551.json index 79ad327cdbf..a508a503419 100644 --- a/2022/1xxx/CVE-2022-1551.json +++ b/2022/1xxx/CVE-2022-1551.json @@ -1,75 +1,80 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-1551", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "SP Project & Document Manager <= 4.57 - Sensitive File Disclosure" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "SP Project & Document Manager", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "4.57", - "version_value": "4.57" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/51b4752a-7922-444d-a022-f1c7159b5d84", - "name": "https://wpscan.com/vulnerability/51b4752a-7922-444d-a022-f1c7159b5d84" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-200 Information Exposure", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-1551", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files." + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-425 Direct Request ('Forced Browsing')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "SP Project & Document Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.58" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/51b4752a-7922-444d-a022-f1c7159b5d84", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/51b4752a-7922-444d-a022-f1c7159b5d84" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Viktor Markopoulos" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Viktor Markopoulos" - } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2083.json b/2022/2xxx/CVE-2022-2083.json index 62d25aa71e4..e2f77ed979e 100644 --- a/2022/2xxx/CVE-2022-2083.json +++ b/2022/2xxx/CVE-2022-2083.json @@ -1,80 +1,94 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-2083", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Simple Single Sign On <= 4.1.0 - Authentication Bypass" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Simple Single Sign On", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "4.1.0", - "version_value": "4.1.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/2bbfc855-6901-462f-8a93-120d7fb5d268", - "name": "https://wpscan.com/vulnerability/2bbfc855-6901-462f-8a93-120d7fb5d268" - }, - { - "refsource": "MISC", - "url": "https://lana.codes/lanavdb/0bab7575-45fc-432d-945e-6100c35c574c/", - "name": "https://lana.codes/lanavdb/0bab7575-45fc-432d-945e-6100c35c574c/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-326 Inadequate Encryption Strength", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-2083", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site." + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-319 Cleartext Transmission of Sensitive Information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Simple Single Sign On", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "4.1.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/2bbfc855-6901-462f-8a93-120d7fb5d268", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/2bbfc855-6901-462f-8a93-120d7fb5d268" + }, + { + "url": "https://lana.codes/lanavdb/0bab7575-45fc-432d-945e-6100c35c574c/", + "refsource": "MISC", + "name": "https://lana.codes/lanavdb/0bab7575-45fc-432d-945e-6100c35c574c/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Lana Codes" - } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2023/21xxx/CVE-2023-21405.json b/2023/21xxx/CVE-2023-21405.json index 63e08c1d05e..67512f4fa7b 100644 --- a/2023/21xxx/CVE-2023-21405.json +++ b/2023/21xxx/CVE-2023-21405.json @@ -1,17 +1,161 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21405", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@axis.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nKnud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network\nIntercoms when communicating over OSDP, highlighting that the OSDP message parser crashes\nthe pacsiod process, causing a temporary unavailability of the door-controlling functionalities\nmeaning that doors cannot be opened or closed. No sensitive or customer data can be extracted\nas the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Axis Communications AB", + "product": { + "product_data": [ + { + "product_name": "AXIS A1001 Network Door Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 1.65.4 or earlier" + } + ] + } + }, + { + "product_name": "AXIS A1210-B Network Door Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 11.0 - 11.6.16.0" + } + ] + } + }, + { + "product_name": "AXIS A1601 Network Door Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 1.84.4 or earlier" + }, + { + "version_affected": "=", + "version_value": "AXIS OS 10.12.171.0 or earlier" + }, + { + "version_affected": "=", + "version_value": "AXIS OS 11.0 - 11.6.16.0" + } + ] + } + }, + { + "product_name": "AXIS A1610 (-B) Network Door Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 10.12.171.0 or earlier" + }, + { + "version_affected": "=", + "version_value": "AXIS OS 11.0 - 11.6.16.0" + } + ] + } + }, + { + "product_name": "AXIS A8207-VE Network Video Door Station", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 10.12.178 or earlier" + }, + { + "version_affected": "=", + "version_value": "AXIS OS AXIS OS 11.0 - 11.5.53" + } + ] + } + }, + { + "product_name": "AXIS A8207-VE Mk II Network Video Door Station", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 10.12.178 or earlier" + }, + { + "version_affected": "=", + "version_value": "AXIS OS AXIS OS 11.0 - 11.5.53" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.axis.com/dam/public/7f/3a/ed/cve-2023-21405-en-US-407244.pdf", + "refsource": "MISC", + "name": "https://www.axis.com/dam/public/7f/3a/ed/cve-2023-21405-en-US-407244.pdf" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/21xxx/CVE-2023-21406.json b/2023/21xxx/CVE-2023-21406.json index ab4aeccefa4..f96e3b69ee7 100644 --- a/2023/21xxx/CVE-2023-21406.json +++ b/2023/21xxx/CVE-2023-21406.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21406", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@axis.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nAriel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when\ncommunicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which\nis handling the OSDP communication allowing to write outside of the allocated buffer. By\nappending invalid data to an OSDP message it was possible to write data beyond the heap\nallocated buffer. The data written outside the buffer could be used to execute arbitrary code.\u00a0\n\nlease refer to the Axis security advisory for more information, mitigation and affected products and software versions.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Axis Communications AB", + "product": { + "product_data": [ + { + "product_name": "AXIS A1001 Network Door Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "AXIS OS 1.65.4 or earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.axis.com/dam/public/1b/21/5f/cve-2023-21406-en-US-407245.pdf", + "refsource": "MISC", + "name": "https://www.axis.com/dam/public/1b/21/5f/cve-2023-21406-en-US-407245.pdf" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/34xxx/CVE-2023-34189.json b/2023/34xxx/CVE-2023-34189.json index cab87699a31..2965084c628 100644 --- a/2023/34xxx/CVE-2023-34189.json +++ b/2023/34xxx/CVE-2023-34189.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-34189", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences.\u00a0\n\nUsers are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 \u00a0to solve it.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-668 Exposure of Resource to Wrong Sphere", + "cweId": "CWE-668" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.4.0", + "version_value": "1.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/smxqyx43hxjvzv4w71n2n3rfho9p378s" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2023/34xxx/CVE-2023-34434.json b/2023/34xxx/CVE-2023-34434.json index 5a8b66bbe88..3a33a8bd702 100644 --- a/2023/34xxx/CVE-2023-34434.json +++ b/2023/34xxx/CVE-2023-34434.json @@ -1,18 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-34434", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0.\u00a0\n\nThe attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8130 .\n\n" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.4.0", + "version_value": "1.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/7f1o71w5r732cspltmtdydn01gllf4jo", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/7f1o71w5r732cspltmtdydn01gllf4jo" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "sw0rd1ight and 4ra1n of Chaitin Tech" + } + ] } \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35088.json b/2023/35xxx/CVE-2023-35088.json index 7979410ae53..5e550e133a8 100644 --- a/2023/35xxx/CVE-2023-35088.json +++ b/2023/35xxx/CVE-2023-35088.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-35088", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0.\u00a0\nIn the toAuditCkSql method, the groupId, streamId, auditId, and dt are directly concatenated into the SQL query statement, which may lead to SQL injection attacks.\nUsers are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it.\n\n[1] https://github.com/apache/inlong/pull/8198 \n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.4.0", + "version_value": "1.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/os7b66x4n8dbtrdpb7c6x37bb1vjb0tk", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/os7b66x4n8dbtrdpb7c6x37bb1vjb0tk" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/3xxx/CVE-2023-3886.json b/2023/3xxx/CVE-2023-3886.json index 0d048d247a6..cdb1f40eac5 100644 --- a/2023/3xxx/CVE-2023-3886.json +++ b/2023/3xxx/CVE-2023-3886.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-3886", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/invoice.php. The manipulation of the argument inv_id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235248." + }, + { + "lang": "deu", + "value": "Es wurde eine problematische Schwachstelle in Campcodes Beauty Salon Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/invoice.php. Mit der Manipulation des Arguments inv_id mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Beauty Salon Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.235248", + "refsource": "MISC", + "name": "https://vuldb.com/?id.235248" + }, + { + "url": "https://vuldb.com/?ctiid.235248", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.235248" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2018.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2018.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/3xxx/CVE-2023-3887.json b/2023/3xxx/CVE-2023-3887.json index 6afc10b8cf3..3ab7053fe72 100644 --- a/2023/3xxx/CVE-2023-3887.json +++ b/2023/3xxx/CVE-2023-3887.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-3887", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235249 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In Campcodes Beauty Salon Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /admin/search-appointment.php. Durch die Manipulation des Arguments searchdata mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Beauty Salon Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.235249", + "refsource": "MISC", + "name": "https://vuldb.com/?id.235249" + }, + { + "url": "https://vuldb.com/?ctiid.235249", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.235249" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2019.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2019.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/3xxx/CVE-2023-3888.json b/2023/3xxx/CVE-2023-3888.json index 869ca17de1a..5988c3b4137 100644 --- a/2023/3xxx/CVE-2023-3888.json +++ b/2023/3xxx/CVE-2023-3888.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-3888", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-235250 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Eine problematische Schwachstelle wurde in Campcodes Beauty Salon Management System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei /admin/admin-profile.php. Durch Manipulation des Arguments adminname mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Beauty Salon Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.235250", + "refsource": "MISC", + "name": "https://vuldb.com/?id.235250" + }, + { + "url": "https://vuldb.com/?ctiid.235250", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.235250" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2020.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%2020.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseSeverity": "MEDIUM" } ] }