mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
bb9f1e0b49
commit
a6bdc1eeb1
@ -34,7 +34,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by users with checkuser access."
|
||||
"value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by users with suppression rights."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,17 +1,125 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-23355",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@qnap.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability has been reported to affect multiple QNAP operating systems. If exploited, the vulnerability allows remote authenticated users to execute arbitrary commands via susceptible QNAP devices. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR. We have already fixed the vulnerability in the following operating system versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-77",
|
||||
"cweId": "CWE-77"
|
||||
},
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-78",
|
||||
"cweId": "CWE-78"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "QNAP Systems Inc.",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "QTS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "5.0.0",
|
||||
"version_value": "5.0.1.2346 build 20230322"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "QuTS hero",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "h5.0.0",
|
||||
"version_value": "h5.0.1.2348 build 20230324"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.qnap.com/en/security-advisory/qsa-23-10",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.qnap.com/en/security-advisory/qsa-23-10"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"advisory": "QSA-23-10",
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"supportingMedia": [
|
||||
{
|
||||
"base64": false,
|
||||
"type": "text/html",
|
||||
"value": "We have already fixed the vulnerability in the following product:<br>QTS 5.0.1.2346 build 20230322 and later<br>QuTS hero h5.0.1.2348 build 20230324 and later<br>"
|
||||
}
|
||||
],
|
||||
"value": "We have already fixed the vulnerability in the following product:\nQTS 5.0.1.2346 build 20230322 and later\nQuTS hero h5.0.1.2348 build 20230324 and later\n"
|
||||
}
|
||||
],
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "YC of the M1QLin security team"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.6,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -76,6 +76,11 @@
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2023-b7e90bc682",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REDZB5J7WDN2P3NYWFO2NNJXSTOFUUKM/"
|
||||
},
|
||||
{
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2023-2cf272ad72",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQ4ZGY5MDDHBEOQTD4IIA2RFID3ATPXA/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user