"-Synchronized-Data."

CVE Team 2024-08-06 20:00:35 +00:00
parent e1c58daeb4
commit dec672f180
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
17 changed files with 427 additions and 33 deletions


@ -56,6 +56,11 @@
"url": "https://support.ruckuswireless.com/security_bulletins/302", "url": "https://support.ruckuswireless.com/security_bulletins/302",
"refsource": "MISC", "refsource": "MISC",
"name": "https://support.ruckuswireless.com/security_bulletins/302" "name": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"refsource": "MISC",
"name": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
} }
] ]
} }
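Review bot: The reference added to `reference_data` points at the mobile rendering of the write-up (`?m=1`) rather than its canonical address, and the same string is repeated as `name`. Dropping the query string, `"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html"`, gives a more stable link for tools that deduplicate or archive references. The identical addition in the next file section has the same issue. The record's `CVE_data_meta` is outside this hunk, so which CVE each file covers cannot be confirmed from here.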


@ -56,6 +56,11 @@
"url": "https://support.ruckuswireless.com/security_bulletins/302", "url": "https://support.ruckuswireless.com/security_bulletins/302",
"refsource": "MISC", "refsource": "MISC",
"name": "https://support.ruckuswireless.com/security_bulletins/302" "name": "https://support.ruckuswireless.com/security_bulletins/302"
},
{
"refsource": "MISC",
"name": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1",
"url": "https://hdhrmi.blogspot.com/2020/03/multiple-vulnerabilities-in-ruckus.html?m=1"
} }
] ]
} }


@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default PingOne Advanced Identity Cloud login page,they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4." "value": "OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default OpenAM login, they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4."
} }
] ]
}, },


@ -35,7 +35,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "product_name": "Hpe Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -70,9 +70,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC", "refsource": "MISC",
"name": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt" "name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
} }
] ]
}, },
@ -86,7 +86,7 @@
"credits": [ "credits": [
{ {
"lang": "en", "lang": "en",
"value": "zzcentury" "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
} }
], ],
"impact": { "impact": {
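Review bot: The new `product_name` in the first hunk is spelled `Hpe Aruba Networking InstantOS ...`, while the other records touched by this commit use `HPE Aruba Networking ...`. A consumer that matches or groups on the exact product string would treat this record as a different product, so the line should read `"product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10"`. The enclosing `affects` object starts and ends outside the hunk.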


@ -35,7 +35,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -70,9 +70,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC", "refsource": "MISC",
"name": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt" "name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
} }
] ]
}, },
@ -86,7 +86,7 @@
"credits": [ "credits": [
{ {
"lang": "en", "lang": "en",
"value": "zzcentury" "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
} }
], ],
"impact": { "impact": {


@ -35,7 +35,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -70,9 +70,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC", "refsource": "MISC",
"name": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt" "name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
} }
] ]
}, },
@ -86,7 +86,7 @@
"credits": [ "credits": [
{ {
"lang": "en", "lang": "en",
"value": "zzcentury" "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
} }
], ],
"impact": { "impact": {


@ -35,7 +35,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -70,9 +70,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC", "refsource": "MISC",
"name": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt" "name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
} }
] ]
}, },
@ -86,7 +86,7 @@
"credits": [ "credits": [
{ {
"lang": "en", "lang": "en",
"value": "zzcentury" "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
} }
], ],
"impact": { "impact": {


@ -35,7 +35,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -70,9 +70,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC", "refsource": "MISC",
"name": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.txt" "name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
} }
] ]
}, },
@ -86,7 +86,7 @@
"credits": [ "credits": [
{ {
"lang": "en", "lang": "en",
"value": "zzcentury" "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
} }
], ],
"impact": { "impact": {


@ -1,17 +1,109 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-42398", "ID": "CVE-2024-42398",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-alert@hpe.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise",
"product": {
"product_data": [
{
"product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "Version 8.12.0.0: 8.12.0.1 and below",
"version_value": "<=8.12.0.1"
},
{
"version_affected": "<=",
"version_name": "Version 8.10.0.0: 8.10.0.12 and below",
"version_value": "<=8.10.0.12"
},
{
"version_affected": "<=",
"version_name": "Version 10.6.0.0: 10.6.0.0 and below",
"version_value": "<=10.6.0.0"
},
{
"version_affected": "<=",
"version_name": "Version 10.4.0.0: 10.4.1.3 and below",
"version_value": "<=10.4.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC",
"name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "HPESBNW04678",
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
} }
] ]
} }
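Review bot: Each `version_data` entry carries the comparison operator twice, once as `"version_affected": "<="` and again inside `"version_value": "<=8.12.0.1"`. A consumer that combines the two fields for range matching would likely see `<=<=8.12.0.1` or fail to parse the version, so the value should be the bare version, e.g. `"version_value": "8.12.0.1"`. `problemtype` is also left as `n/a`, so the record carries no CWE even though the description and CVSS vector already characterize an unauthenticated network DoS. The records for CVE-2024-42399 and CVE-2024-42400 later in this commit repeat both points and share the same description text verbatim, which leaves the three IDs indistinguishable to a reader.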


@ -1,17 +1,109 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-42399", "ID": "CVE-2024-42399",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-alert@hpe.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise",
"product": {
"product_data": [
{
"product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "Version 8.12.0.0: 8.12.0.1 and below",
"version_value": "<=8.12.0.1"
},
{
"version_affected": "<=",
"version_name": "Version 8.10.0.0: 8.10.0.12 and below",
"version_value": "<=8.10.0.12"
},
{
"version_affected": "<=",
"version_name": "Version 10.6.0.0: 10.6.0.0 and below",
"version_value": "<=10.6.0.0"
},
{
"version_affected": "<=",
"version_name": "Version 10.4.0.0: 10.4.1.3 and below",
"version_value": "<=10.4.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC",
"name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "HPESBNW04678",
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
} }
] ]
} }


@ -1,17 +1,109 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-42400", "ID": "CVE-2024-42400",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-alert@hpe.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise",
"product": {
"product_data": [
{
"product_name": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "Version 8.12.0.0: 8.12.0.1 and below",
"version_value": "<=8.12.0.1"
},
{
"version_affected": "<=",
"version_name": "Version 8.10.0.0: 8.10.0.12 and below",
"version_value": "<=8.10.0.12"
},
{
"version_affected": "<=",
"version_name": "Version 10.6.0.0: 10.6.0.0 and below",
"version_value": "<=10.6.0.0"
},
{
"version_affected": "<=",
"version_name": "Version 10.4.0.0: 10.4.1.3 and below",
"version_value": "<=10.4.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",
"refsource": "MISC",
"name": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "HPESBNW04678",
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
} }
] ]
} }


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7568",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7569",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7570",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7571",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7572",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7573",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}