diff --git a/2022/47xxx/CVE-2022-47870.json b/2022/47xxx/CVE-2022-47870.json index d667c5cdba7..ce3ba5e21b8 100644 --- a/2022/47xxx/CVE-2022-47870.json +++ b/2022/47xxx/CVE-2022-47870.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-47870", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-47870", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor 12.1.31.893 allows remote attackers to inject arbitrary web Script or HTML via the returnUrl parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/171647/SQL-Monitor-12.1.31.893-Cross-Site-Scripting.html", + "url": "https://packetstormsecurity.com/files/171647/SQL-Monitor-12.1.31.893-Cross-Site-Scripting.html" } ] } diff --git a/2023/1xxx/CVE-2023-1831.json b/2023/1xxx/CVE-2023-1831.json new file mode 100644 index 00000000000..287bbc16593 --- /dev/null +++ b/2023/1xxx/CVE-2023-1831.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1831", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1832.json b/2023/1xxx/CVE-2023-1832.json new file mode 100644 index 00000000000..6c4f84780ac --- /dev/null +++ b/2023/1xxx/CVE-2023-1832.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1832", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1833.json b/2023/1xxx/CVE-2023-1833.json new file mode 100644 index 00000000000..7f9b195255f --- /dev/null +++ b/2023/1xxx/CVE-2023-1833.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1833", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/23xxx/CVE-2023-23594.json b/2023/23xxx/CVE-2023-23594.json index a54b0b6bde1..b31fdb128c1 100644 --- a/2023/23xxx/CVE-2023-23594.json +++ b/2023/23xxx/CVE-2023-23594.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://hackandpwn.com/disclosures/CVE-2023-23594.pdf", "url": "https://hackandpwn.com/disclosures/CVE-2023-23594.pdf" + }, + { + "refsource": "MISC", + "name": "https://d2n1rly8br52rx.cloudfront.net/content-blocks/files/pages/Vulnerability-Disclosure.pdf", + "url": "https://d2n1rly8br52rx.cloudfront.net/content-blocks/files/pages/Vulnerability-Disclosure.pdf" } ] } diff --git a/2023/23xxx/CVE-2023-23870.json b/2023/23xxx/CVE-2023-23870.json index 465b7bd7a79..6946b53f10e 100644 --- a/2023/23xxx/CVE-2023-23870.json +++ b/2023/23xxx/CVE-2023-23870.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23870", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevart", + "product": { + "product_data": [ + { + "product_name": "Responsive Vertical Icon Menu", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.5.9", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.5.8", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/wpdevart-vertical-menu/wordpress-responsive-vertical-icon-menu-plugin-1-5-8-cross-site-scripting-xss?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/wpdevart-vertical-menu/wordpress-responsive-vertical-icon-menu-plugin-1-5-8-cross-site-scripting-xss?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 1.5.9 or a higher version." + } + ], + "value": "Update to\u00a01.5.9 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Rio Darmawan (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/23xxx/CVE-2023-23977.json b/2023/23xxx/CVE-2023-23977.json index 14720c13235..9433ec9f110 100644 --- a/2023/23xxx/CVE-2023-23977.json +++ b/2023/23xxx/CVE-2023-23977.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23977", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Team Heateor WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments plugin <= 1.6.1 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Team Heateor", + "product": { + "product_data": [ + { + "product_name": "WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.6.2", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.6.1", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/heateor-social-comments/wordpress-vkontakte-comments-and-disqus-comments-plugin-1-6-1-cross-site-scripting-xss?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/heateor-social-comments/wordpress-vkontakte-comments-and-disqus-comments-plugin-1-6-1-cross-site-scripting-xss?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 1.6.2 or a higher version." + } + ], + "value": "Update to\u00a01.6.2 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Rafshanzani Suhada (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/25xxx/CVE-2023-25303.json b/2023/25xxx/CVE-2023-25303.json index 4d27ea58c4b..d3cbec83bb5 100644 --- a/2023/25xxx/CVE-2023-25303.json +++ b/2023/25xxx/CVE-2023-25303.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-25303", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-25303", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ATLauncher <= 3.4.26.0 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/ATLauncher/ATLauncher/security/advisories/GHSA-7cff-8xv4-mvx6", + "url": "https://github.com/ATLauncher/ATLauncher/security/advisories/GHSA-7cff-8xv4-mvx6" + }, + { + "refsource": "MISC", + "name": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/", + "url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/" } ] } diff --git a/2023/25xxx/CVE-2023-25305.json b/2023/25xxx/CVE-2023-25305.json index 6407feae6e5..f2685d3b317 100644 --- a/2023/25xxx/CVE-2023-25305.json +++ b/2023/25xxx/CVE-2023-25305.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-25305", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-25305", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/", + "url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/" + }, + { + "refsource": "MISC", + "name": "https://github.com/PolyMC/PolyMC/security/advisories/GHSA-3rfr-g9g9-7gx2", + "url": "https://github.com/PolyMC/PolyMC/security/advisories/GHSA-3rfr-g9g9-7gx2" } ] } diff --git a/2023/25xxx/CVE-2023-25355.json b/2023/25xxx/CVE-2023-25355.json index df2d759f61f..9eccb7d73e7 100644 --- a/2023/25xxx/CVE-2023-25355.json +++ b/2023/25xxx/CVE-2023-25355.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-25355", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-25355", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2023/Mar/5", + "url": "https://seclists.org/fulldisclosure/2023/Mar/5" } ] } diff --git a/2023/25xxx/CVE-2023-25356.json b/2023/25xxx/CVE-2023-25356.json index 05595c4fdf1..32f9918ce38 100644 --- a/2023/25xxx/CVE-2023-25356.json +++ b/2023/25xxx/CVE-2023-25356.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-25356", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-25356", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leveraged to gain remote command execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2023/Mar/5", + "url": "https://seclists.org/fulldisclosure/2023/Mar/5" } ] } diff --git a/2023/26xxx/CVE-2023-26866.json b/2023/26xxx/CVE-2023-26866.json index 52a8a70cdb2..bc6dbd1334a 100644 --- a/2023/26xxx/CVE-2023-26866.json +++ b/2023/26xxx/CVE-2023-26866.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-26866", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-26866", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3_V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/lionelmusonza/CVE-2023-26866", + "url": "https://github.com/lionelmusonza/CVE-2023-26866" } ] } diff --git a/2023/28xxx/CVE-2023-28848.json b/2023/28xxx/CVE-2023-28848.json index 395abca9a90..d7330b24733 100644 --- a/2023/28xxx/CVE-2023-28848.json +++ b/2023/28xxx/CVE-2023-28848.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28848", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A vulnerability in versions 1.0.0 until 1.3.0 effectively allowed an attacker to bypass the state protection as they could just copy the expected state token from the first request to their second request. Users should upgrade user_oidc to 1.3.0 to receive a patch for the issue. No known workarounds are available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352: Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.0.0, < 1.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-52hv-xw32-wf7f", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-52hv-xw32-wf7f" + }, + { + "url": "https://github.com/nextcloud/user_oidc/pull/580", + "refsource": "MISC", + "name": "https://github.com/nextcloud/user_oidc/pull/580" + }, + { + "url": "https://hackerone.com/reports/1878381", + "refsource": "MISC", + "name": "https://hackerone.com/reports/1878381" + } + ] + }, + "source": { + "advisory": "GHSA-52hv-xw32-wf7f", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/28xxx/CVE-2023-28997.json b/2023/28xxx/CVE-2023-28997.json index 75fa4dc90cb..e3864dc5403 100644 --- a/2023/28xxx/CVE-2023-28997.json +++ b/2023/28xxx/CVE-2023-28997.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28997", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption", + "cweId": "CWE-323" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.0, < 3.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4p33-rw27-j5fc", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4p33-rw27-j5fc" + }, + { + "url": "https://github.com/nextcloud/desktop/pull/5324", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/pull/5324" + }, + { + "url": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf", + "refsource": "MISC", + "name": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf" + } + ] + }, + "source": { + "advisory": "GHSA-4p33-rw27-j5fc", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "PHYSICAL", + "availabilityImpact": "NONE", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2023/28xxx/CVE-2023-28998.json b/2023/28xxx/CVE-2023-28998.json index fb2c6bf195a..3d7796553cf 100644 --- a/2023/28xxx/CVE-2023-28998.json +++ b/2023/28xxx/CVE-2023-28998.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28998", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new files.\u200b Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-325: Missing Cryptographic Step", + "cweId": "CWE-325" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.0, < 3.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf", + "refsource": "MISC", + "name": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf" + }, + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jh3g-wpwv-cqgr", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jh3g-wpwv-cqgr" + }, + { + "url": "https://github.com/nextcloud/desktop/pull/5323", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/pull/5323" + } + ] + }, + "source": { + "advisory": "GHSA-jh3g-wpwv-cqgr", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "PHYSICAL", + "availabilityImpact": "NONE", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2023/28xxx/CVE-2023-28999.json b/2023/28xxx/CVE-2023-28999.json index c0cd388cee9..231578b4590 100644 --- a/2023/28xxx/CVE-2023-28999.json +++ b/2023/28xxx/CVE-2023-28999.json @@ -1,17 +1,103 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28999", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.\u200b This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-325: Missing Cryptographic Step", + "cweId": "CWE-325" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.0, < 3.8.0" + }, + { + "version_affected": "=", + "version_value": ">= 3.13.0, < 3.25.0" + }, + { + "version_affected": "=", + "version_value": ">= 3.0.5, < 4.8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf", + "refsource": "MISC", + "name": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf" + }, + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8875-wxww-3rr8", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8875-wxww-3rr8" + }, + { + "url": "https://github.com/nextcloud/desktop/pull/5560", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/pull/5560" + } + ] + }, + "source": { + "advisory": "GHSA-8875-wxww-3rr8", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "PHYSICAL", + "availabilityImpact": "LOW", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2023/29xxx/CVE-2023-29000.json b/2023/29xxx/CVE-2023-29000.json index 339413df794..14ba86a52c7 100644 --- a/2023/29xxx/CVE-2023-29000.json +++ b/2023/29xxx/CVE-2023-29000.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-29000", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a malicious server could get the desktop client to encrypt files with a key known to the attacker. This issue is fixed in Nextcloud Desktop 3.7.0. No known workarounds are available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-295: Improper Certificate Validation", + "cweId": "CWE-295" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.0, < 3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h82x-98q3-7534", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h82x-98q3-7534" + }, + { + "url": "https://github.com/nextcloud/desktop/pull/4949", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/pull/4949" + }, + { + "url": "https://hackerone.com/reports/1679267", + "refsource": "MISC", + "name": "https://hackerone.com/reports/1679267" + } + ] + }, + "source": { + "advisory": "GHSA-h82x-98q3-7534", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.1" } ] }