admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-03-06 12:00:37 +00:00
parent e1449eb2cf
commit e237b3af0a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 290 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
2024/1xxx/CVE-2024-1224.json
View File

@ -1,17 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326 Inadequate Encryption Strength",
"cweId": "CWE-326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CDAC",
"product": {
"product_data": [
{
"product_name": "USB Pratirodh",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<=3.1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0080",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0080"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to USB Pratirodh version 3.1.3 or later.<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://cdac.in/index.aspx?id=cs_eps_usb_pra\">https://cdac.in/index.aspx?id=cs_eps_usb_pra</a><br><br>"
}
],
"value": "Upgrade to USB Pratirodh version 3.1.3 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_usb_pra https://cdac.in/index.aspx \n\n"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Prajyot Chemburkar from Payatu Security Consulting Pvt. Ltd. India."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
]
}

94
2024/25xxx/CVE-2024-25102.json
View File

@ -1,17 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326: Inadequate Encryption Strength ",
"cweId": "CWE-326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CDAC",
"product": {
"product_data": [
{
"product_name": "AppSamvid Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<=2.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to AppSamvid version 2.0.2 or later.<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://cdac.in/index.aspx?id=cs_eps_appsamvid\">https://cdac.in/index.aspx?id=cs_eps_appsamvid</a><br>"
}
],
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid https://cdac.in/index.aspx \n"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mukund Kedia."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
]
}

94
2024/25xxx/CVE-2024-25103.json
View File

@ -1,17 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25103",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-426 Untrusted Search Path",
"cweId": "CWE-426"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CDAC",
"product": {
"product_data": [
{
"product_name": "AppSamvid Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<=2.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to AppSamvid version 2.0.2 or later.<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://cdac.in/index.aspx?id=cs_eps_appsamvid\">https://cdac.in/index.aspx?id=cs_eps_appsamvid</a><br>"
}
],
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid https://cdac.in/index.aspx \n"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mukund Kedia."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
]
}

4
2024/2xxx/CVE-2024-2005.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "\n\n\nBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
"value": "\n\n\nIn Blue Planet\u00ae products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.\n\nBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
]
},
@ -143,7 +143,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "22.12",
"lessThanOrEqual": " 22.12",
"status": "affected",
"version": " early versions ",
"versionType": "custom"

18
2024/2xxx/CVE-2024-2218.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2218",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}