mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-07 03:02:46 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
3f5f684228
commit
df68a2919f
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-24203",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2023-24203",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s)."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.sourcecodester.com",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.sourcecodester.com"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://momonguyen.com/2023/cve-2023-24203/",
|
||||
"url": "https://momonguyen.com/2023/cve-2023-24203/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204",
|
||||
"url": "https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-24204",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2023-24204",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.sourcecodester.com",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.sourcecodester.com"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://momonguyen.com/2023/cve-2023-24203/",
|
||||
"url": "https://momonguyen.com/2023/cve-2023-24203/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204",
|
||||
"url": "https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,156 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-36640",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-134"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiProxy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.10"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "2.0.0",
|
||||
"version_value": "2.0.14"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "1.2.0",
|
||||
"version_value": "1.2.13"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "1.1.0",
|
||||
"version_value": "1.1.6"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "1.0.0",
|
||||
"version_value": "1.0.7"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiPAM",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "1.0.0",
|
||||
"version_value": "1.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "7.2.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.12"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.4.0",
|
||||
"version_value": "6.4.14"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.16"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.16"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-137",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-137"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,98 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-40720",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper access control",
|
||||
"cweId": "CWE-639"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiVoice",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.4.0",
|
||||
"version_value": "6.4.8"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.12"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-282",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-282"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.7,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:P/RL:X/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-44247",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-415"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.4.0",
|
||||
"version_value": "6.4.15"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.16"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-195",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-195"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiOS version 7.0.0 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,157 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-45583",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-134"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiProxy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.10"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiPAM",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "1.1.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "1.0.0",
|
||||
"version_value": "1.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiSwitchManager",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "7.4.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.5"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.12"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.4.0",
|
||||
"version_value": "6.4.15"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.16"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-137",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-137"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,135 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-45586",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper access control",
|
||||
"cweId": "CWE-345"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiProxy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.4.0",
|
||||
"version_value": "7.4.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.7"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.13"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "2.0.0",
|
||||
"version_value": "2.0.14"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.4.0",
|
||||
"version_value": "7.4.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.7"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.12"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.4.0",
|
||||
"version_value": "6.4.15"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.16"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-225",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-225"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.8 or above \nPlease upgrade to FortiProxy version 7.0.14 or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiSASE version 23.4.a or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.7,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-46714",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-121"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.4.0",
|
||||
"version_value": "7.4.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.1",
|
||||
"version_value": "7.2.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-415",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-415"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiAuthenticator version 6.6.1 or above \nPlease upgrade to FortiAuthenticator version 6.5.5 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.8,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,108 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-50180",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information disclosure",
|
||||
"cweId": "CWE-497"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiADC",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.4.0",
|
||||
"version_value": "7.4.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.1.0",
|
||||
"version_value": "7.1.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.5"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-23-433",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-23-433"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiADC version 7.4.2 or above \nPlease upgrade to FortiADC version 7.2.4 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.2,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,358 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1628",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "GEHealthcareCVD@ge.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "OS command injection vulnerabilities in GE HealthCare ultrasound devices"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
|
||||
"cweId": "CWE-78"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "GE HealthCare",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Venue",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Go",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Fit",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ e",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R7",
|
||||
"version_value": "R9.1.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R8",
|
||||
"version_value": "R10.1.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R9",
|
||||
"version_value": "R11.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ He",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "0",
|
||||
"version_value": "R9.3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid E",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E95",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E90",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E80",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid S",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "70N",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "60N",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid T",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T8",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T9",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid iq",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 16",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "BT24",
|
||||
"version_value": "Ext1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 18",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "BT24",
|
||||
"version_value": "Ext1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 22",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "BT24",
|
||||
"version_value": "Ext1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson SWIFT",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Invenia ABUS 2.0",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "0",
|
||||
"version_value": "2.2.7"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10s",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ Fortis",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://securityupdate.gehealthcare.com/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://securityupdate.gehealthcare.com/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Andrea Palanca and Gabriele Quagliarella of Nozomi Networks"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.4,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,343 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1629",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "GEHealthcareCVD@ge.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Path traversal vulnerability in \u201cdeleteFiles\u201d function of Common Service Desktop, a GE HealthCare ultrasound device component"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "GE HealthCare",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Venue",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Go",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Fit",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ e",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R7",
|
||||
"version_value": "R9.1.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R8",
|
||||
"version_value": "R10.1.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R9",
|
||||
"version_value": "R11.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ He",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "0",
|
||||
"version_value": "R9.3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid E",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E95",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E90",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E80",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid S",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "70N",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "60N",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid T",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T8",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T9",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid iq",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 16",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 18",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 22",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson SWIFT",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10s",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ Fortis",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://securityupdate.gehealthcare.com/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://securityupdate.gehealthcare.com/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Andrea Palanca and Gabriele Quagliarella of Nozomi Networks"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.2,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,326 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1630",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "GEHealthcareCVD@ge.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Path traversal vulnerability in \u201cgetAllFolderContents\u201d function of Common Service Desktop, a GE HealthCare ultrasound device component"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
|
||||
"cweId": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "GE HealthCare",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Venue",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Go",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "R2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Venue Fit",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R3",
|
||||
"version_value": "R3.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R4",
|
||||
"version_value": "R4.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ e",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R7",
|
||||
"version_value": "R9.1.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R8",
|
||||
"version_value": "R10.1.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "R9",
|
||||
"version_value": "R11.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ He",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "0",
|
||||
"version_value": "R9.3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid E",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E95",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E90",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "E80",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid T",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T8",
|
||||
"version_value": "206"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "T9",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Vivid iq",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "206"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 16",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 18",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson Expert 22",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Voluson SWIFT",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BT24"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ E10s",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "LOGIQ Fortis",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "R3.2.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://securityupdate.gehealthcare.com/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://securityupdate.gehealthcare.com/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Andrea Palanca and Gabriele Quagliarella of Nozomi Networks"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.7,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -80,6 +80,12 @@
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "ABB thanks Yuncheng Wang, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China for responsibly reporting the vulnerabilities and working with us as we addressed them"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -80,6 +80,12 @@
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "ABB thanks Yuncheng Wang, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China for responsibly reporting the vulnerabilities and working with us as we addressed them."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-23105",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper access control",
|
||||
"cweId": "CWE-348"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiPortal",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.0.0",
|
||||
"version_value": "7.0.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-24-021",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-24-021"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiPortal version 7.2.2 or above \nPlease upgrade to FortiPortal version 7.0.7 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,87 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-26007",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Denial of service",
|
||||
"cweId": "CWE-703"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiOS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "7.4.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-24-017",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-24-017"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiOS version 7.4.2 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -54,7 +54,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -66,7 +66,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,7 +78,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2402"
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -102,7 +102,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4291"
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -114,7 +114,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3447"
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,7 +126,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4291"
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -138,7 +138,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,7 +150,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -162,7 +162,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.830"
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -174,7 +174,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20596"
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -186,7 +186,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -198,7 +198,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -210,7 +210,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,7 +222,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -234,7 +234,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -54,7 +54,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -66,7 +66,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,7 +78,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2402"
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -102,7 +102,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4291"
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -114,7 +114,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3447"
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,7 +126,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4291"
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -138,7 +138,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,7 +150,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -162,7 +162,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.830"
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -174,7 +174,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20596"
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -186,7 +186,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -198,7 +198,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -210,7 +210,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,7 +222,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -234,7 +234,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -54,7 +54,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -66,7 +66,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,7 +78,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2402"
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -102,7 +102,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4291"
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -114,7 +114,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3447"
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,7 +126,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4291"
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -138,7 +138,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,7 +150,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -162,7 +162,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.830"
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -174,7 +174,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20596"
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -186,7 +186,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -198,7 +198,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -210,7 +210,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,7 +222,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -234,7 +234,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,86 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-26238",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')",
|
||||
"cweId": "CWE-59"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26238",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26238"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-26367",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-26367",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "http://cc.com",
|
||||
"refsource": "MISC",
|
||||
"name": "http://cc.com"
|
||||
},
|
||||
{
|
||||
"url": "http://evertz.com",
|
||||
"refsource": "MISC",
|
||||
"name": "http://evertz.com"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://wiki.notveg.ninja/blog/CVE-2024-26367/",
|
||||
"url": "https://wiki.notveg.ninja/blog/CVE-2024-26367/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -54,7 +54,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -66,7 +66,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,7 +78,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2402"
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -102,7 +102,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4291"
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -114,7 +114,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3447"
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,7 +126,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4291"
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -138,7 +138,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,7 +150,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -162,7 +162,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.830"
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -174,7 +174,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20596"
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -186,7 +186,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -198,7 +198,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -210,7 +210,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,7 +222,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -234,7 +234,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -54,7 +54,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -66,7 +66,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5696"
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,7 +78,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2402"
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -102,7 +102,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4291"
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -114,7 +114,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3447"
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,7 +126,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4291"
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -138,7 +138,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,7 +150,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3447"
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -162,7 +162,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.830"
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -174,7 +174,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20596"
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -186,7 +186,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -198,7 +198,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -210,7 +210,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6897"
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -222,7 +222,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -234,7 +234,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21924"
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29994",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-125: Out-of-bounds Read",
|
||||
"cweId": "CWE-125"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29994",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29994"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,350 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29996",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-125: Out-of-bounds Read",
|
||||
"cweId": "CWE-125"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1507",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1607",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.1.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29996",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29996"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29997",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29997",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29997"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29998",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-20: Improper Input Validation",
|
||||
"cweId": "CWE-20"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29998",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29998"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29999",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29999",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29999"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30000",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30000",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30000"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30001",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30001",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30001"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30002",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-20: Improper Input Validation",
|
||||
"cweId": "CWE-20"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30002",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30002"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30003",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30003",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30003"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30004",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30004",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30004"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,194 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30005",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-190: Integer Overflow or Wraparound",
|
||||
"cweId": "CWE-190"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30005",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30005"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 6.8,
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,350 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30006",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-416: Use After Free",
|
||||
"cweId": "CWE-416"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1507",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1607",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.1.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30006",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30006"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,74 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30007",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-269: Improper Privilege Management",
|
||||
"cweId": "CWE-269"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30007",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30007"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,242 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30008",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows DWM Core Library Information Disclosure Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-191: Integer Underflow (Wrap or Wraparound)",
|
||||
"cweId": "CWE-191"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1507",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1607",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30008",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30008"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "MEDIUM",
|
||||
"baseScore": 5.5,
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,350 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30009",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-197: Numeric Truncation Error",
|
||||
"cweId": "CWE-197"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows 10 Version 1809",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22000.2960"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 21H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19044.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22621.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 22H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19045.4412"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 version 22H3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 11 Version 23H2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.22631.3593"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1507",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.10240.20651"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows 10 Version 1607",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 Service Pack 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.0.6003.22668"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.1.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.1.7601.27117"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30009",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30009"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,182 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30010",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@microsoft.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Windows Hyper-V Remote Code Execution Vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-23: Relative Path Traversal",
|
||||
"cweId": "CWE-23"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Microsoft",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Windows Server 2019",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2019 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.17763.5820"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.20348.2461"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.25398.887"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2016 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.14393.6981"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.2.0",
|
||||
"version_value": "6.2.9200.24868"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Windows Server 2012 R2 (Server Core installation)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.3.0",
|
||||
"version_value": "6.3.9600.21972"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30010",
|
||||
"refsource": "MISC",
|
||||
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30010"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseSeverity": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/31xxx/CVE-2024-31079.json
Normal file
18
2024/31xxx/CVE-2024-31079.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31079",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,113 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31488",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC version 9.4.0 through 9.4.4, 9.2.0 through 9.2.8, 9.1.0 through 9.1.10, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 7.2.0 through 7.2.3 may allow a remote authenticated attacker to perform stored and reflected cross site scripting (XSS) attack via crafted HTTP requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiNAC",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.4.0",
|
||||
"version_value": "9.4.3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.2.0",
|
||||
"version_value": "9.2.8"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.1.0",
|
||||
"version_value": "9.1.10"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "8.8.0",
|
||||
"version_value": "8.8.11"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "8.7.0",
|
||||
"version_value": "8.7.6"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "7.2.0",
|
||||
"version_value": "7.2.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-24-040",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-24-040"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiNAC version 9.4.5 or above \nPlease upgrade to FortiNAC version 7.4.0 or above \nPlease upgrade to FortiNAC version 7.2.4 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31491",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@fortinet.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Execute unauthorized code or commands",
|
||||
"cweId": "CWE-602"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Fortinet",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "FortiSandbox",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "4.4.0",
|
||||
"version_value": "4.4.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "4.2.0",
|
||||
"version_value": "4.2.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fortiguard.com/psirt/FG-IR-24-054",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fortiguard.com/psirt/FG-IR-24-054"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Please upgrade to FortiSandbox version 4.4.5 or above \nPlease upgrade to FortiSandbox version 4.2.7 or above \n"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.6,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-32355",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-32355",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.totolink.net/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.totolink.net/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md",
|
||||
"url": "https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/32xxx/CVE-2024-32760.json
Normal file
18
2024/32xxx/CVE-2024-32760.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-32760",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/34xxx/CVE-2024-34161.json
Normal file
18
2024/34xxx/CVE-2024-34161.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34161",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/35xxx/CVE-2024-35200.json
Normal file
18
2024/35xxx/CVE-2024-35200.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-35200",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/4xxx/CVE-2024-4875.json
Normal file
18
2024/4xxx/CVE-2024-4875.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-4875",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user