diff --git a/2023/4xxx/CVE-2023-4617.json b/2023/4xxx/CVE-2023-4617.json index 97b94ccb2df..ac9280159fd 100644 --- a/2023/4xxx/CVE-2023-4617.json +++ b/2023/4xxx/CVE-2023-4617.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-4617", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cvd@cert.pl", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing \"device\", \"sku\" and \"type\" fields' values.\u00a0\nThis issue affects Govee Home applications on Android and iOS in versions\u00a0before 5.9." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-863 Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Govee", + "product": { + "product_data": [ + { + "product_name": "Govee Home", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "5.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://cert.pl/en/posts/2024/12/CVE-2023-4617/", + "refsource": "MISC", + "name": "https://cert.pl/en/posts/2024/12/CVE-2023-4617/" + }, + { + "url": "https://cert.pl/posts/2024/12/CVE-2023-4617/", + "refsource": "MISC", + "name": "https://cert.pl/posts/2024/12/CVE-2023-4617/" + }, + { + "url": "https://play.google.com/store/apps/details?id=com.govee.home", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=com.govee.home" + }, + { + "url": "https://apps.apple.com/us/app/govee-home/id1395696823", + "refsource": "MISC", + "name": "https://apps.apple.com/us/app/govee-home/id1395696823" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Jan Adamski (NASK-PIB)" + }, + { + "lang": "en", + "value": "Marek Janiszewski (NASK-PIB)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/11xxx/CVE-2024-11616.json b/2024/11xxx/CVE-2024-11616.json index 9c01250a1b2..b9112128dbb 100644 --- a/2024/11xxx/CVE-2024-11616.json +++ b/2024/11xxx/CVE-2024-11616.json @@ -1,18 +1,103 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11616", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@netskope.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Netskope was made aware of a security vulnerability in Netskope Endpoint DLP\u2019s Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that the NumberOfBytes\u00a0argument to ExAllocatePoolWithTag, and the Length argument for RtlCopyMemory, both independently dereference their value from the user supplied input buffer inside the EpdlpSetUsbAction\u00a0function, known as a double-fetch. If this length value grows to a higher value in between these two calls, it will result in the RtlCopyMemory\u00a0call copying user-supplied memory contents outside the range of the allocated buffer, resulting in a heap overflow. A malicious attacker will need admin privileges to exploit the issue.\nThis issue affects Endpoint DLP version below R119." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125 Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Netskope Inc.", + "product": { + "product_data": [ + { + "product_name": "Endpoint DLP", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "118.0.0; 0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-003", + "refsource": "MISC", + "name": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-003" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "NSKPASA-2024-003", + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Endpoint DLP product on Windows platform (preferable Windows 10 or below as Windows 11 have kernal level protections against such issue) with admin rights. 
" + } + ], + "value": "Endpoint DLP product on Windows platform (preferable Windows 10 or below as Windows 11 have kernal level protections against such issue) with admin rights." + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Netskope has patch the issue with R119 and onwards and have also backported to R117.1.6" + } + ], + "value": "Netskope has patch the issue with R119 and onwards and have also backported to R117.1.6" + } + ], + "credits": [ + { + "lang": "en", + "value": "Netskope credits Thomas Brice from Oxford Nanopore Technologies for reporting this flaw." + } + ] } \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12791.json b/2024/12xxx/CVE-2024-12791.json new file mode 100644 index 00000000000..71a3b1411ac --- /dev/null +++ b/2024/12xxx/CVE-2024-12791.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12791", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12792.json b/2024/12xxx/CVE-2024-12792.json new file mode 100644 index 00000000000..b629c3ceed7 --- /dev/null +++ b/2024/12xxx/CVE-2024-12792.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12792", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12793.json b/2024/12xxx/CVE-2024-12793.json new file mode 100644 index 00000000000..8d0b6fc499f --- /dev/null +++ b/2024/12xxx/CVE-2024-12793.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12793", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12794.json b/2024/12xxx/CVE-2024-12794.json new file mode 100644 index 00000000000..fab9565d14f --- /dev/null +++ b/2024/12xxx/CVE-2024-12794.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12794", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file