From dc6d3a4760a1a8a439ae1ca9e1fec4e811a28bbb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 10 Jan 2024 14:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/38xxx/CVE-2023-38857.json | 5 + 2023/38xxx/CVE-2023-38858.json | 5 + 2023/48xxx/CVE-2023-48251.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48252.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48253.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48254.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48255.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48256.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48257.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48258.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48259.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48260.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48261.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48262.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48263.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48264.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48265.json | 301 ++++++++++++++++++++++++++++++++- 2023/48xxx/CVE-2023-48266.json | 301 ++++++++++++++++++++++++++++++++- 2023/51xxx/CVE-2023-51961.json | 56 +++++- 2023/51xxx/CVE-2023-51966.json | 56 +++++- 2024/0xxx/CVE-2024-0389.json | 95 ++++++++++- 2024/0xxx/CVE-2024-0396.json | 18 ++ 22 files changed, 4971 insertions(+), 80 deletions(-) create mode 100644 2024/0xxx/CVE-2024-0396.json diff --git a/2023/38xxx/CVE-2023-38857.json b/2023/38xxx/CVE-2023-38857.json index 6fb778d2c8b..ade0a7d1375 100644 --- a/2023/38xxx/CVE-2023-38857.json +++ b/2023/38xxx/CVE-2023-38857.json @@ -56,6 +56,11 @@ "url": "https://github.com/knik0/faad2/issues/171", "refsource": "MISC", "name": "https://github.com/knik0/faad2/issues/171" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202401-13", + "url": "https://security.gentoo.org/glsa/202401-13" } ] } diff --git a/2023/38xxx/CVE-2023-38858.json b/2023/38xxx/CVE-2023-38858.json index daeed5db1cd..43b3cd84eef 100644 --- a/2023/38xxx/CVE-2023-38858.json +++ b/2023/38xxx/CVE-2023-38858.json @@ -56,6 +56,11 @@ "url": "https://github.com/knik0/faad2/issues/173", "refsource": "MISC", "name": "https://github.com/knik0/faad2/issues/173" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202401-13", + "url": "https://security.gentoo.org/glsa/202401-13" } ] } diff --git a/2023/48xxx/CVE-2023-48251.json b/2023/48xxx/CVE-2023-48251.json index befb67c8b3f..f5216f3adbb 100644 --- a/2023/48xxx/CVE-2023-48251.json +++ b/2023/48xxx/CVE-2023-48251.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48251", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798 Use of Hard-coded Credentials", + "cweId": "CWE-798" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48252.json b/2023/48xxx/CVE-2023-48252.json index 19df5844082..d8f6de3355c 100644 --- a/2023/48xxx/CVE-2023-48252.json +++ b/2023/48xxx/CVE-2023-48252.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48252", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an authenticated remote attacker to perform actions exceeding their authorized access via crafted HTTP requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285 Improper Authorization", + "cweId": "CWE-285" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48253.json b/2023/48xxx/CVE-2023-48253.json index f43be1979ee..d592a329681 100644 --- a/2023/48xxx/CVE-2023-48253.json +++ b/2023/48xxx/CVE-2023-48253.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote authenticated attacker to read or update arbitrary content of the authentication database via a crafted HTTP request.\r\nBy abusing this vulnerability it is possible to exfiltrate other users\u2019 password hashes or update them with arbitrary values and access their accounts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48254.json b/2023/48xxx/CVE-2023-48254.json index bd1c2cede9f..9a843365b6b 100644 --- a/2023/48xxx/CVE-2023-48254.json +++ b/2023/48xxx/CVE-2023-48254.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48254", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim\u2019s session via a crafted URL or HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48255.json b/2023/48xxx/CVE-2023-48255.json index f3fa405d451..36340c45cbb 100644 --- a/2023/48xxx/CVE-2023-48255.json +++ b/2023/48xxx/CVE-2023-48255.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48255", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim\u2019s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned log." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48256.json b/2023/48xxx/CVE-2023-48256.json index e44dad4b6db..1d42705aa43 100644 --- a/2023/48xxx/CVE-2023-48256.json +++ b/2023/48xxx/CVE-2023-48256.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48256", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim\u2019s session via a crafted URL or HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')", + "cweId": "CWE-113" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48257.json b/2023/48xxx/CVE-2023-48257.json index b5a30f3c576..401b1f4b2e2 100644 --- a/2023/48xxx/CVE-2023-48257.json +++ b/2023/48xxx/CVE-2023-48257.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48257", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a", + "cweId": "CWE-1391" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48258.json b/2023/48xxx/CVE-2023-48258.json index 05557e27384..05967a1af83 100644 --- a/2023/48xxx/CVE-2023-48258.json +++ b/2023/48xxx/CVE-2023-48258.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48258", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote attacker to delete arbitrary files on the file system via a crafted URL or HTTP\r\nrequest through a victim\u2019s session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48259.json b/2023/48xxx/CVE-2023-48259.json index 1952a1520ec..9e6a6f343ad 100644 --- a/2023/48xxx/CVE-2023-48259.json +++ b/2023/48xxx/CVE-2023-48259.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48260.json b/2023/48xxx/CVE-2023-48260.json index 6642cc53aaa..ee8792d0485 100644 --- a/2023/48xxx/CVE-2023-48260.json +++ b/2023/48xxx/CVE-2023-48260.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48260", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48261.json b/2023/48xxx/CVE-2023-48261.json index ccc46cb3343..1df731d1765 100644 --- a/2023/48xxx/CVE-2023-48261.json +++ b/2023/48xxx/CVE-2023-48261.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48261", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/48xxx/CVE-2023-48262.json b/2023/48xxx/CVE-2023-48262.json index 615d05500d5..b63c059c177 100644 --- a/2023/48xxx/CVE-2023-48262.json +++ b/2023/48xxx/CVE-2023-48262.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48262", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48263.json b/2023/48xxx/CVE-2023-48263.json index 3ec9697b605..27908c16816 100644 --- a/2023/48xxx/CVE-2023-48263.json +++ b/2023/48xxx/CVE-2023-48263.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122 Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48264.json b/2023/48xxx/CVE-2023-48264.json index 6328cbdf24e..a6b8b896129 100644 --- a/2023/48xxx/CVE-2023-48264.json +++ b/2023/48xxx/CVE-2023-48264.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48264", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48265.json b/2023/48xxx/CVE-2023-48265.json index 35433b42ca8..978141c8b77 100644 --- a/2023/48xxx/CVE-2023-48265.json +++ b/2023/48xxx/CVE-2023-48265.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48265", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/48xxx/CVE-2023-48266.json b/2023/48xxx/CVE-2023-48266.json index 0ef5d1fb95a..25bc22cfeaf 100644 --- a/2023/48xxx/CVE-2023-48266.json +++ b/2023/48xxx/CVE-2023-48266.json @@ -1,17 +1,310 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-48266", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rexroth", + "product": { + "product_data": [ + { + "product_name": "Nexo cordless nutrunner NXA015S-36V (0608842001)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V (0608842002)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V (0608842003)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V (0608842005)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA015S-36V-B (0608842006)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA030S-36V-B (0608842007)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA050S-36V-B (0608842008)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXP012QD-36V-B (0608842010)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V (0608842011)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA011S-36V-B (0608842012)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V (0608842013)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXA065S-36V-B (0608842014)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V (0608842015)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo cordless nutrunner NXV012T-36V-B (0608842016)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2272)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2301)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2514)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2515)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2666)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + }, + { + "product_name": "Nexo special cordless nutrunner (0608PE2673)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "NEXO-OS V1000-Release", + "version_value": "NEXO-OS V1500-SP2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html", + "refsource": "MISC", + "name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/51xxx/CVE-2023-51961.json b/2023/51xxx/CVE-2023-51961.json index 3a52d02c0b8..18445173f45 100644 --- a/2023/51xxx/CVE-2023-51961.json +++ b/2023/51xxx/CVE-2023-51961.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-51961", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-51961", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the function formGetIptv ." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://grove-laser-8ad.notion.site/Tenda-AX1803-Buffer-Overflow-in-formGetIptv-0fcc584fcda44b1c837e42d5d732957a", + "url": "https://grove-laser-8ad.notion.site/Tenda-AX1803-Buffer-Overflow-in-formGetIptv-0fcc584fcda44b1c837e42d5d732957a" } ] } diff --git a/2023/51xxx/CVE-2023-51966.json b/2023/51xxx/CVE-2023-51966.json index 6fa41bd62ec..149686b1705 100644 --- a/2023/51xxx/CVE-2023-51966.json +++ b/2023/51xxx/CVE-2023-51966.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-51966", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-51966", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the function setIptvInfo." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://grove-laser-8ad.notion.site/Tenda-AX1803-Buffer-Overflow-in-setIptvInfo-944beaf189db4bf49f99a7a7418c7bdd", + "url": "https://grove-laser-8ad.notion.site/Tenda-AX1803-Buffer-Overflow-in-setIptvInfo-944beaf189db4bf49f99a7a7418c7bdd" } ] } diff --git a/2024/0xxx/CVE-2024-0389.json b/2024/0xxx/CVE-2024-0389.json index 8b99c29cc02..f172b619011 100644 --- a/2024/0xxx/CVE-2024-0389.json +++ b/2024/0xxx/CVE-2024-0389.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0389", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Student Attendance System 1.0. Affected is an unknown function of the file attendance_report.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250230 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in SourceCodester Student Attendance System 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei attendance_report.php. Mit der Manipulation des Arguments class_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Student Attendance System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.250230", + "refsource": "MISC", + "name": "https://vuldb.com/?id.250230" + }, + { + "url": "https://vuldb.com/?ctiid.250230", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.250230" + }, + { + "url": "https://drive.google.com/file/d/1Vi-IGjAZbitDqEvmd9ONrxE0MgB8-v1I/view?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1Vi-IGjAZbitDqEvmd9ONrxE0MgB8-v1I/view?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Strik3r (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2024/0xxx/CVE-2024-0396.json b/2024/0xxx/CVE-2024-0396.json new file mode 100644 index 00000000000..b21c939ca10 --- /dev/null +++ b/2024/0xxx/CVE-2024-0396.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0396", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file