diff --git a/2023/2xxx/CVE-2023-2914.json b/2023/2xxx/CVE-2023-2914.json
index 676cb60228e..1a4c8b7dd2c 100644
--- a/2023/2xxx/CVE-2023-2914.json
+++ b/2023/2xxx/CVE-2023-2914.json
@@ -1,17 +1,130 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2914",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "PSIRT@rockwellautomation.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software. "
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20 Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Rockwell Automation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ThinManager ThinServer",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "11.0.0 - 11.2.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.1.0 - 11.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.2.0 - 11.2.7"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.0.0 - 12.0.5"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.1.0 - 12.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.0.0 - 13.0.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.1.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
+ "refsource": "MISC",
+ "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\n- Update to the corrected software versions.
- Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.
"
+ }
+ ],
+ "value": "\n * Update to the corrected software versions.\n * Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/2xxx/CVE-2023-2915.json b/2023/2xxx/CVE-2023-2915.json
index 6e0a883c659..93008e14a5f 100644
--- a/2023/2xxx/CVE-2023-2915.json
+++ b/2023/2xxx/CVE-2023-2915.json
@@ -1,17 +1,130 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2915",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "PSIRT@rockwellautomation.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition. "
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20 Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Rockwell Automation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ThinManager ThinServer",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "11.0.0 - 11.2.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.1.0 - 11.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.2.0 - 11.2.7"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.0.0 - 12.0.5"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.1.0 - 12.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.0.0 - 13.0.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.1.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
+ "refsource": "MISC",
+ "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\n- Update to the corrected software versions.
- Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.
"
+ }
+ ],
+ "value": "\n * Update to the corrected software versions.\n * Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/2xxx/CVE-2023-2917.json b/2023/2xxx/CVE-2023-2917.json
index c3d2f10ebe3..fa3f0cd3c1c 100644
--- a/2023/2xxx/CVE-2023-2917.json
+++ b/2023/2xxx/CVE-2023-2917.json
@@ -1,17 +1,130 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2917",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "PSIRT@rockwellautomation.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u00a0\u00a0Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u00a0A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\n\n "
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20 Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Rockwell Automation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ThinManager ThinServer",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "11.0.0 - 11.2.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.1.0 - 11.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "11.2.0 - 11.2.7"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.0.0 - 12.0.5"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.1.0 - 12.1.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.0.0 - 13.0.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "13.1.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
+ "refsource": "MISC",
+ "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\n- Update to the corrected software versions.
- Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.
"
+ }
+ ],
+ "value": "\n * Update to the corrected software versions.\n * Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/38xxx/CVE-2023-38840.json b/2023/38xxx/CVE-2023-38840.json
index 827514369cd..0f4bd30c323 100644
--- a/2023/38xxx/CVE-2023-38840.json
+++ b/2023/38xxx/CVE-2023-38840.json
@@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
- "value": "An issue in Bitwarden Bitwarden Desktop v.2023.5.1 allows a local attacker to obtain sensitive information via the the bitwarden.exe"
+ "value": "Bitwarden Windows Desktop v2023.5.1 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process."
}
]
},
diff --git a/2023/39xxx/CVE-2023-39115.json b/2023/39xxx/CVE-2023-39115.json
index ef38a539736..fd1d494d47f 100644
--- a/2023/39xxx/CVE-2023-39115.json
+++ b/2023/39xxx/CVE-2023-39115.json
@@ -61,6 +61,16 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://www.exploit-db.com/exploits/51656",
+ "url": "https://www.exploit-db.com/exploits/51656"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/Raj789-sec/CVE-2023-39115",
+ "url": "https://github.com/Raj789-sec/CVE-2023-39115"
}
]
}
diff --git a/2023/4xxx/CVE-2023-4402.json b/2023/4xxx/CVE-2023-4402.json
new file mode 100644
index 00000000000..6c03523b79b
--- /dev/null
+++ b/2023/4xxx/CVE-2023-4402.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-4402",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file