From e470d4a381b5474668468cbda70bf53982f2e8f8 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 3 Apr 2024 17:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/35xxx/CVE-2023-35812.json | 73 +++++++- 2023/44xxx/CVE-2023-44038.json | 61 +++++- 2023/44xxx/CVE-2023-44040.json | 61 +++++- 2023/45xxx/CVE-2023-45552.json | 61 +++++- 2024/1xxx/CVE-2024-1180.json | 68 ++++++- 2024/20xxx/CVE-2024-20281.json | 293 ++++++++++++++++++++++++++++- 2024/20xxx/CVE-2024-20282.json | 185 +++++++++++++++++- 2024/20xxx/CVE-2024-20283.json | 185 +++++++++++++++++- 2024/20xxx/CVE-2024-20302.json | 85 ++++++++- 2024/20xxx/CVE-2024-20310.json | 268 +++++++++++++++++++++++++- 2024/20xxx/CVE-2024-20332.json | 105 ++++++++++- 2024/20xxx/CVE-2024-20334.json | 85 ++++++++- 2024/20xxx/CVE-2024-20347.json | 82 +++++++- 2024/20xxx/CVE-2024-20348.json | 85 ++++++++- 2024/20xxx/CVE-2024-20352.json | 221 +++++++++++++++++++++- 2024/20xxx/CVE-2024-20362.json | 189 ++++++++++++++++++- 2024/20xxx/CVE-2024-20367.json | 333 ++++++++++++++++++++++++++++++++- 2024/20xxx/CVE-2024-20368.json | 221 +++++++++++++++++++++- 2024/23xxx/CVE-2024-23540.json | 77 +++++++- 2024/26xxx/CVE-2024-26701.json | 8 +- 2024/27xxx/CVE-2024-27335.json | 68 ++++++- 2024/27xxx/CVE-2024-27336.json | 68 ++++++- 2024/27xxx/CVE-2024-27337.json | 68 ++++++- 2024/27xxx/CVE-2024-27338.json | 68 ++++++- 2024/27xxx/CVE-2024-27339.json | 68 ++++++- 2024/27xxx/CVE-2024-27340.json | 68 ++++++- 2024/27xxx/CVE-2024-27341.json | 68 ++++++- 2024/27xxx/CVE-2024-27342.json | 68 ++++++- 2024/27xxx/CVE-2024-27343.json | 68 ++++++- 2024/27xxx/CVE-2024-27344.json | 68 ++++++- 2024/27xxx/CVE-2024-27345.json | 68 ++++++- 2024/27xxx/CVE-2024-27346.json | 68 ++++++- 2024/27xxx/CVE-2024-27673.json | 4 +- 2024/27xxx/CVE-2024-27674.json | 61 +++++- 2024/2xxx/CVE-2024-2005.json | 8 +- 2024/30xxx/CVE-2024-30322.json | 73 +++++++- 2024/30xxx/CVE-2024-30323.json | 73 +++++++- 2024/30xxx/CVE-2024-30324.json | 73 +++++++- 2024/30xxx/CVE-2024-30325.json | 73 +++++++- 2024/30xxx/CVE-2024-30326.json | 73 +++++++- 2024/30xxx/CVE-2024-30327.json | 73 +++++++- 2024/30xxx/CVE-2024-30328.json | 73 +++++++- 2024/30xxx/CVE-2024-30329.json | 73 +++++++- 2024/30xxx/CVE-2024-30330.json | 73 +++++++- 2024/30xxx/CVE-2024-30331.json | 73 +++++++- 2024/30xxx/CVE-2024-30332.json | 73 +++++++- 2024/30xxx/CVE-2024-30333.json | 73 +++++++- 2024/30xxx/CVE-2024-30334.json | 73 +++++++- 2024/30xxx/CVE-2024-30366.json | 73 +++++++- 2024/31xxx/CVE-2024-31420.json | 17 +- 2024/31xxx/CVE-2024-31436.json | 18 ++ 2024/31xxx/CVE-2024-31437.json | 18 ++ 2024/31xxx/CVE-2024-31438.json | 18 ++ 2024/31xxx/CVE-2024-31439.json | 18 ++ 2024/31xxx/CVE-2024-31440.json | 18 ++ 2024/3xxx/CVE-2024-3266.json | 18 ++ 2024/3xxx/CVE-2024-3267.json | 18 ++ 57 files changed, 4597 insertions(+), 203 deletions(-) create mode 100644 2024/31xxx/CVE-2024-31436.json create mode 100644 2024/31xxx/CVE-2024-31437.json create mode 100644 2024/31xxx/CVE-2024-31438.json create mode 100644 2024/31xxx/CVE-2024-31439.json create mode 100644 2024/31xxx/CVE-2024-31440.json create mode 100644 2024/3xxx/CVE-2024-3266.json create mode 100644 2024/3xxx/CVE-2024-3267.json diff --git a/2023/35xxx/CVE-2023-35812.json b/2023/35xxx/CVE-2023-35812.json index 61cd54f565f..5f945c78ff4 100644 --- a/2023/35xxx/CVE-2023-35812.json +++ b/2023/35xxx/CVE-2023-35812.json @@ -1,18 +1,79 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-35812", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-35812", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, because of an incomplete fix for CVE-2019-6111 within these specific packages. The fix had only covered cases where an absolute path is passed to scp. When a relative path is used, there is no verification that the name of a file received by the client matches the file requested. Fixed packages are available with numbers 7.4p1-22.78.amzn1 and 7.4p1-22.amzn2.0.2." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://alas.aws.amazon.com/cve/html/CVE-2023-35812.html", + "url": "https://alas.aws.amazon.com/cve/html/CVE-2023-35812.html" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AC:H/AV:N/A:N/C:N/I:H/PR:N/S:U/UI:R", + "version": "3.1" + } + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2023/44xxx/CVE-2023-44038.json b/2023/44xxx/CVE-2023-44038.json index 66634cafbc8..8bfe8715765 100644 --- a/2023/44xxx/CVE-2023-44038.json +++ b/2023/44xxx/CVE-2023-44038.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-44038", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-44038", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://veridiumid.com/veridium-id-authentication-platform/", + "refsource": "MISC", + "name": "https://veridiumid.com/veridium-id-authentication-platform/" + }, + { + "refsource": "CONFIRM", + "name": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement", + "url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement" } ] } diff --git a/2023/44xxx/CVE-2023-44040.json b/2023/44xxx/CVE-2023-44040.json index 7889f7cf3ff..6b4f025202a 100644 --- a/2023/44xxx/CVE-2023-44040.json +++ b/2023/44xxx/CVE-2023-44040.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-44040", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-44040", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting (XSS) vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://veridiumid.com/veridium-id-authentication-platform/", + "refsource": "MISC", + "name": "https://veridiumid.com/veridium-id-authentication-platform/" + }, + { + "refsource": "CONFIRM", + "name": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement", + "url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement" } ] } diff --git a/2023/45xxx/CVE-2023-45552.json b/2023/45xxx/CVE-2023-45552.json index 0c7b95e96f4..744c014d153 100644 --- a/2023/45xxx/CVE-2023-45552.json +++ b/2023/45xxx/CVE-2023-45552.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-45552", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-45552", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In VeridiumID before 3.5.0, a stored cross-site scripting (XSS) vulnerability has been discovered in the admin portal that allows an authenticated attacker to take over all accounts by sending malicious input via the self-service portal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://veridiumid.com/veridium-id-authentication-platform/", + "refsource": "MISC", + "name": "https://veridiumid.com/veridium-id-authentication-platform/" + }, + { + "refsource": "CONFIRM", + "name": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement", + "url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-(v3.52)SecurityAdvisory-Acknowledgement" } ] } diff --git a/2024/1xxx/CVE-2024-1180.json b/2024/1xxx/CVE-2024-1180.json index c799af64b3b..fdfb89e5f0f 100644 --- a/2024/1xxx/CVE-2024-1180.json +++ b/2024/1xxx/CVE-2024-1180.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1180", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability.\n\nThe specific issue exists within the handling of the name field in the access control user interface. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22227." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TP-Link", + "product": { + "product_data": [ + { + "product_name": "Omada ER605", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1.2 Build 20230210 Rel.62992" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-086/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-086/" + } + ] + }, + "source": { + "lang": "en", + "value": "Noam Moshe of Claroty Research - Team82" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/20xxx/CVE-2024-20281.json b/2024/20xxx/CVE-2024-20281.json index b456e1117da..b5fc2b36a19 100644 --- a/2024/20xxx/CVE-2024-20281.json +++ b/2024/20xxx/CVE-2024-20281.json @@ -1,17 +1,302 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20281", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.\r\n\r This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the affected user has administrative privileges, these actions could include modifying the system configuration and creating new privileged accounts.\r\n\r Note: There are internal security mechanisms in place that limit the scope of this exploit, reducing the Security Impact Rating of this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Data Center Network Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.1(1)" + }, + { + "version_affected": "=", + "version_value": "12.1.1e" + }, + { + "version_affected": "=", + "version_value": "12.1.2e" + }, + { + "version_affected": "=", + "version_value": "12.1.3b" + }, + { + "version_affected": "=", + "version_value": "12.0.1a" + }, + { + "version_affected": "=", + "version_value": "12.0.2d" + }, + { + "version_affected": "=", + "version_value": "12.0.2f" + } + ] + } + }, + { + "product_name": "Cisco Nexus Dashboard", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1(0c)" + }, + { + "version_affected": "=", + "version_value": "1.1(0d)" + }, + { + "version_affected": "=", + "version_value": "1.1(2h)" + }, + { + "version_affected": "=", + "version_value": "1.1(2i)" + }, + { + "version_affected": "=", + "version_value": "1.1(3c)" + }, + { + "version_affected": "=", + "version_value": "1.1(3d)" + }, + { + "version_affected": "=", + "version_value": "1.1(3e)" + }, + { + "version_affected": "=", + "version_value": "1.1(3f)" + }, + { + "version_affected": "=", + "version_value": "2.0(1b)" + }, + { + "version_affected": "=", + "version_value": "2.0(1d)" + }, + { + "version_affected": "=", + "version_value": "2.0(2g)" + }, + { + "version_affected": "=", + "version_value": "2.0(2h)" + }, + { + "version_affected": "=", + "version_value": "2.1(1d)" + }, + { + "version_affected": "=", + "version_value": "2.1(1e)" + }, + { + "version_affected": "=", + "version_value": "2.1(2d)" + }, + { + "version_affected": "=", + "version_value": "2.1(2f)" + }, + { + "version_affected": "=", + "version_value": "2.2(1e)" + }, + { + "version_affected": "=", + "version_value": "2.2(1h)" + }, + { + "version_affected": "=", + "version_value": "2.2(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(1c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2b)" + }, + { + "version_affected": "=", + "version_value": "2.3(2c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(2e)" + }, + { + "version_affected": "=", + "version_value": "3.0(1f)" + } + ] + } + }, + { + "product_name": "Cisco Nexus Dashboard Orchestrator", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "Cisco Nexus Dashboard Insights", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.2.2.125" + }, + { + "version_affected": "=", + "version_value": "2.2.2.126" + }, + { + "version_affected": "=", + "version_value": "5.0.1.150" + }, + { + "version_affected": "=", + "version_value": "5.0.1.154" + }, + { + "version_affected": "=", + "version_value": "5.1.0.131" + }, + { + "version_affected": "=", + "version_value": "5.1.0.135" + }, + { + "version_affected": "=", + "version_value": "6.0.1" + }, + { + "version_affected": "=", + "version_value": "6.0.2" + }, + { + "version_affected": "=", + "version_value": "6.1.1" + }, + { + "version_affected": "=", + "version_value": "6.1.2" + }, + { + "version_affected": "=", + "version_value": "6.1.3" + }, + { + "version_affected": "=", + "version_value": "6.3.1" + }, + { + "version_affected": "=", + "version_value": "6.2.1" + }, + { + "version_affected": "=", + "version_value": "6.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfccsrf-TEmZEfJ9", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfccsrf-TEmZEfJ9" + } + ] + }, + "source": { + "advisory": "cisco-sa-ndfccsrf-TEmZEfJ9", + "discovery": "INTERNAL", + "defects": [ + "CSCwf16632", + "CSCwh13498", + "CSCwh00221", + "CSCwh00212" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" } ] } diff --git a/2024/20xxx/CVE-2024-20282.json b/2024/20xxx/CVE-2024-20282.json index 004f7130cc8..2274caad1e7 100644 --- a/2024/20xxx/CVE-2024-20282.json +++ b/2024/20xxx/CVE-2024-20282.json @@ -1,17 +1,194 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20282", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.\r\n\r This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Privilege Management", + "cweId": "CWE-269" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Nexus Dashboard", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1(0c)" + }, + { + "version_affected": "=", + "version_value": "1.1(0d)" + }, + { + "version_affected": "=", + "version_value": "1.1(2h)" + }, + { + "version_affected": "=", + "version_value": "1.1(2i)" + }, + { + "version_affected": "=", + "version_value": "1.1(3c)" + }, + { + "version_affected": "=", + "version_value": "1.1(3d)" + }, + { + "version_affected": "=", + "version_value": "1.1(3e)" + }, + { + "version_affected": "=", + "version_value": "1.1(3f)" + }, + { + "version_affected": "=", + "version_value": "2.0(1b)" + }, + { + "version_affected": "=", + "version_value": "2.0(1d)" + }, + { + "version_affected": "=", + "version_value": "2.0(2g)" + }, + { + "version_affected": "=", + "version_value": "2.0(2h)" + }, + { + "version_affected": "=", + "version_value": "2.1(1d)" + }, + { + "version_affected": "=", + "version_value": "2.1(1e)" + }, + { + "version_affected": "=", + "version_value": "2.1(2d)" + }, + { + "version_affected": "=", + "version_value": "2.1(2f)" + }, + { + "version_affected": "=", + "version_value": "2.2(1e)" + }, + { + "version_affected": "=", + "version_value": "2.2(1h)" + }, + { + "version_affected": "=", + "version_value": "2.2(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(1c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2b)" + }, + { + "version_affected": "=", + "version_value": "2.3(2c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(2e)" + }, + { + "version_affected": "=", + "version_value": "3.0(1f)" + }, + { + "version_affected": "=", + "version_value": "3.0(1i)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH" + } + ] + }, + "source": { + "advisory": "cisco-sa-ndru-pesc-kZ2PQLZH", + "discovery": "INTERNAL", + "defects": [ + "CSCwh02726" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20283.json b/2024/20xxx/CVE-2024-20283.json index 68df59b257b..3e64aa398bc 100644 --- a/2024/20xxx/CVE-2024-20283.json +++ b/2024/20xxx/CVE-2024-20283.json @@ -1,17 +1,194 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device.\r\n\r This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerability by sending queries to the API endpoint. A successful exploit could allow an attacker to access metrics and information about devices in the Nexus Dashboard cluster." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Nexus Dashboard", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1(0c)" + }, + { + "version_affected": "=", + "version_value": "1.1(0d)" + }, + { + "version_affected": "=", + "version_value": "1.1(2h)" + }, + { + "version_affected": "=", + "version_value": "1.1(2i)" + }, + { + "version_affected": "=", + "version_value": "1.1(3c)" + }, + { + "version_affected": "=", + "version_value": "1.1(3d)" + }, + { + "version_affected": "=", + "version_value": "1.1(3e)" + }, + { + "version_affected": "=", + "version_value": "1.1(3f)" + }, + { + "version_affected": "=", + "version_value": "2.0(1b)" + }, + { + "version_affected": "=", + "version_value": "2.0(1d)" + }, + { + "version_affected": "=", + "version_value": "2.0(2g)" + }, + { + "version_affected": "=", + "version_value": "2.0(2h)" + }, + { + "version_affected": "=", + "version_value": "2.1(1d)" + }, + { + "version_affected": "=", + "version_value": "2.1(1e)" + }, + { + "version_affected": "=", + "version_value": "2.1(2d)" + }, + { + "version_affected": "=", + "version_value": "2.1(2f)" + }, + { + "version_affected": "=", + "version_value": "2.2(1e)" + }, + { + "version_affected": "=", + "version_value": "2.2(1h)" + }, + { + "version_affected": "=", + "version_value": "2.2(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(1c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2b)" + }, + { + "version_affected": "=", + "version_value": "2.3(2c)" + }, + { + "version_affected": "=", + "version_value": "2.3(2d)" + }, + { + "version_affected": "=", + "version_value": "2.3(2e)" + }, + { + "version_affected": "=", + "version_value": "3.0(1f)" + }, + { + "version_affected": "=", + "version_value": "3.0(1i)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndidv-LmXdvAf2", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndidv-LmXdvAf2" + } + ] + }, + "source": { + "advisory": "cisco-sa-ndidv-LmXdvAf2", + "discovery": "INTERNAL", + "defects": [ + "CSCwh02784" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20302.json b/2024/20xxx/CVE-2024-20302.json index dd8751be15f..7a7b7a5d9ac 100644 --- a/2024/20xxx/CVE-2024-20302.json +++ b/2024/20xxx/CVE-2024-20302.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20302", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an authenticated, remote attacker to modify or delete tenant templates on an affected system. \r\n \r\nThis vulnerability is due to improper access controls within tenant security. An attacker who is using a valid user account with write privileges and either a Site Manager or Tenant Manager role could exploit this vulnerability. A successful exploit could allow the attacker to modify or delete tenant templates under non-associated tenants, which could disrupt network traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Nexus Dashboard Orchestrator", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-upav-YRqsCcSP", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-upav-YRqsCcSP" + } + ] + }, + "source": { + "advisory": "cisco-sa-ndo-upav-YRqsCcSP", + "discovery": "INTERNAL", + "defects": [ + "CSCwi31692" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" } ] } diff --git a/2024/20xxx/CVE-2024-20310.json b/2024/20xxx/CVE-2024-20310.json index 3510b4d5fd6..7ca872f9e9a 100644 --- a/2024/20xxx/CVE-2024-20310.json +++ b/2024/20xxx/CVE-2024-20310.json @@ -1,17 +1,277 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20310", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an authenticated user of the interface.\r\n\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Relative Path Traversal", + "cweId": "CWE-23" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco IOS XE Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "Cisco Unified Communications Manager IM and Presence Service", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)" + }, + { + "version_affected": "=", + "version_value": "10.5(2a)" + }, + { + "version_affected": "=", + "version_value": "10.5(2b)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU3" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3a" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU5a" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU8" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU9" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU10" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU11" + }, + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "14" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + }, + { + "version_affected": "=", + "version_value": "14SU2a" + }, + { + "version_affected": "=", + "version_value": "10.0(1)" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imps-xss-quWkd9yF", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imps-xss-quWkd9yF" + } + ] + }, + "source": { + "advisory": "cisco-sa-cucm-imps-xss-quWkd9yF", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf41335" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20332.json b/2024/20xxx/CVE-2024-20332.json index f988024faa3..9a4b41b15ef 100644 --- a/2024/20xxx/CVE-2024-20332.json +++ b/2024/20xxx/CVE-2024-20332.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20332", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Server-Side Request Forgery (SSRF)", + "cweId": "CWE-918" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.2.0" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-ssrf-FtSTh5Oz", + "discovery": "EXTERNAL", + "defects": [ + "CSCwi11965" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20334.json b/2024/20xxx/CVE-2024-20334.json index 76f8eae5852..0b360867cba 100644 --- a/2024/20xxx/CVE-2024-20334.json +++ b/2024/20xxx/CVE-2024-20334.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20334", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco TelePresence Management Suite (TMS)", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y" + } + ] + }, + "source": { + "advisory": "cisco-sa-tms-xss-kGw4DX9Y", + "discovery": "INTERNAL", + "defects": [ + "CSCwh57988" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" } ] } diff --git a/2024/20xxx/CVE-2024-20347.json b/2024/20xxx/CVE-2024-20347.json index c60d58acad4..54d47d6118c 100644 --- a/2024/20xxx/CVE-2024-20347.json +++ b/2024/20xxx/CVE-2024-20347.json @@ -1,17 +1,91 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as deleting users from the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Emergency Responder", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr" + } + ] + }, + "source": { + "advisory": "cisco-sa-cem-csrf-suCmNjFr", + "discovery": "EXTERNAL" + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20348.json b/2024/20xxx/CVE-2024-20348.json index 6f9f431a511..b2fa631fb23 100644 --- a/2024/20xxx/CVE-2024-20348.json +++ b/2024/20xxx/CVE-2024-20348.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20348", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to read arbitrary files.\r\n\r This vulnerability is due to an unauthenticated provisioning web server. An attacker could exploit this vulnerability through direct web requests to the provisioning server. A successful exploit could allow the attacker to read sensitive files in the PnP container that could facilitate further attacks on the PnP infrastructure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal", + "cweId": "CWE-27" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Data Center Network Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.1.3b" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-dir-trav-SSn3AYDw", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-dir-trav-SSn3AYDw" + } + ] + }, + "source": { + "advisory": "cisco-sa-ndfc-dir-trav-SSn3AYDw", + "discovery": "INTERNAL", + "defects": [ + "CSCwi75139" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20352.json b/2024/20xxx/CVE-2024-20352.json index c3eac7bb798..646f145bd23 100644 --- a/2024/20xxx/CVE-2024-20352.json +++ b/2024/20xxx/CVE-2024-20352.json @@ -1,17 +1,230 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by sending crafted requests to the web UI. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as accessing password or log files or uploading and deleting existing files from the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Relative Path Traversal", + "cweId": "CWE-23" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Emergency Responder", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.5(1a)" + }, + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU4" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU3" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(3)" + }, + { + "version_affected": "=", + "version_value": "11.5(2)" + }, + { + "version_affected": "=", + "version_value": "11.5(4a)" + }, + { + "version_affected": "=", + "version_value": "11.5(4)" + }, + { + "version_affected": "=", + "version_value": "11.5(2a)" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU10" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU9" + }, + { + "version_affected": "=", + "version_value": "11.5(4)SU11" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1a)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU8" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU8a" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU8b" + }, + { + "version_affected": "=", + "version_value": "12.0(1) SU2" + }, + { + "version_affected": "=", + "version_value": "12.0(1) SU1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)" + }, + { + "version_affected": "=", + "version_value": "10.0.2" + }, + { + "version_affected": "=", + "version_value": "10.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + }, + { + "version_affected": "=", + "version_value": "14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr" + } + ] + }, + "source": { + "advisory": "cisco-sa-cem-csrf-suCmNjFr", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf41263" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20362.json b/2024/20xxx/CVE-2024-20362.json index a98f8e7c7bd..462c7aa6ca0 100644 --- a/2024/20xxx/CVE-2024-20362.json +++ b/2024/20xxx/CVE-2024-20362.json @@ -1,17 +1,198 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20362", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", + "cweId": "CWE-80" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Small Business RV Series Router Firmware", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1.0.09" + }, + { + "version_affected": "=", + "version_value": "1.1.1.19" + }, + { + "version_affected": "=", + "version_value": "1.1.1.06" + }, + { + "version_affected": "=", + "version_value": "1.2.1.14" + }, + { + "version_affected": "=", + "version_value": "2.0.0.19-tm" + }, + { + "version_affected": "=", + "version_value": "1.3.1.12" + }, + { + "version_affected": "=", + "version_value": "1.3.1.10" + }, + { + "version_affected": "=", + "version_value": "1.3.12.6-tm" + }, + { + "version_affected": "=", + "version_value": "1.3.13.02-tm" + }, + { + "version_affected": "=", + "version_value": "4.0.0.7" + }, + { + "version_affected": "=", + "version_value": "4.0.2.08-tm" + }, + { + "version_affected": "=", + "version_value": "4.0.3.03-tm" + }, + { + "version_affected": "=", + "version_value": "4.0.4.02-tm" + }, + { + "version_affected": "=", + "version_value": "4.2.2.08" + }, + { + "version_affected": "=", + "version_value": "4.2.3.03" + }, + { + "version_affected": "=", + "version_value": "4.2.3.06" + }, + { + "version_affected": "=", + "version_value": "4.2.3.07" + }, + { + "version_affected": "=", + "version_value": "4.2.3.09" + }, + { + "version_affected": "=", + "version_value": "4.2.3.10" + }, + { + "version_affected": "=", + "version_value": "4.2.3.14" + }, + { + "version_affected": "=", + "version_value": "1.4.2.15" + }, + { + "version_affected": "=", + "version_value": "1.4.2.17" + }, + { + "version_affected": "=", + "version_value": "1.4.2.19" + }, + { + "version_affected": "=", + "version_value": "1.4.2.22" + }, + { + "version_affected": "=", + "version_value": "3.0.0.1-tm" + }, + { + "version_affected": "=", + "version_value": "4.1.1.01" + }, + { + "version_affected": "=", + "version_value": "1.5.1.05" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup" + } + ] + }, + "source": { + "advisory": "cisco-sa-sbiz-rv-xss-OQeRTup", + "discovery": "EXTERNAL", + "defects": [ + "CSCwj24997" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20367.json b/2024/20xxx/CVE-2024-20367.json index 018e4b25dae..2395555f598 100644 --- a/2024/20xxx/CVE-2024-20367.json +++ b/2024/20xxx/CVE-2024-20367.json @@ -1,17 +1,342 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To successfully exploit this vulnerability, an attacker would need valid agent credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Enterprise Chat and Email", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES2" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES3" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES4" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES5" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES6" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES10" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES11" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES7" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES8" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES9" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES9a" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES12" + }, + { + "version_affected": "=", + "version_value": "12.0(1)" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES2" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES3" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES4" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES5" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES5a" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES6" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES6_ET1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES6_ET2" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES6_ET3" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES7" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES7_ET1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES3_ET1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ET1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES3_ET2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES4_ET1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES5_ET1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES7" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES8" + }, + { + "version_affected": "=", + "version_value": "12.6(1)" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ET2" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ET3" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES1_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES2" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES3" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES4" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES4_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES5" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES5_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES5_ET2" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES6" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES6_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES6_ET2" + }, + { + "version_affected": "=", + "version_value": "12.6_ES2_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6_ES2_ET2" + }, + { + "version_affected": "=", + "version_value": "12.6_ES2_ET3" + }, + { + "version_affected": "=", + "version_value": "12.6_ES2_ET4" + }, + { + "version_affected": "=", + "version_value": "12.6_ES3_ET1" + }, + { + "version_affected": "=", + "version_value": "12.6_ES3_ET2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-xss-CSQxgxfM", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-xss-CSQxgxfM" + } + ] + }, + "source": { + "advisory": "cisco-sa-ece-xss-CSQxgxfM", + "discovery": "EXTERNAL", + "defects": [ + "CSCwi28527" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20368.json b/2024/20xxx/CVE-2024-20368.json index da09f68f272..f6bf0627d1e 100644 --- a/2024/20xxx/CVE-2024-20368.json +++ b/2024/20xxx/CVE-2024-20368.json @@ -1,17 +1,230 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20368", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.\r\n\r This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the targeted user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.7.0" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p1" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p2" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p3" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p4" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p5" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p6" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p7" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p8" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p9" + }, + { + "version_affected": "=", + "version_value": "2.7.0 p10" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p6" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p7" + }, + { + "version_affected": "=", + "version_value": "3.0.0 p8" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p5" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p6" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p7" + }, + { + "version_affected": "=", + "version_value": "3.1.0 p8" + }, + { + "version_affected": "=", + "version_value": "3.2.0" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p1" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p2" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p3" + }, + { + "version_affected": "=", + "version_value": "3.2.0 p4" + }, + { + "version_affected": "=", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-csrf-NfAKXrp5", + "discovery": "INTERNAL", + "defects": [ + "CSCwf44736" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" } ] } diff --git a/2024/23xxx/CVE-2024-23540.json b/2024/23xxx/CVE-2024-23540.json index ecab05cffcd..ee41c66f0f4 100644 --- a/2024/23xxx/CVE-2024-23540.json +++ b/2024/23xxx/CVE-2024-23540.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23540", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@hcl.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HCL Software", + "product": { + "product_data": [ + { + "product_name": "BigFix Inventory", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.x, 10.x" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112015", + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112015" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" } ] } diff --git a/2024/26xxx/CVE-2024-26701.json b/2024/26xxx/CVE-2024-26701.json index b3ca07753bd..2f1f94df98e 100644 --- a/2024/26xxx/CVE-2024-26701.json +++ b/2024/26xxx/CVE-2024-26701.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-26701", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } diff --git a/2024/27xxx/CVE-2024-27335.json b/2024/27xxx/CVE-2024-27335.json index e42ba00b7ce..07fc74a6999 100644 --- a/2024/27xxx/CVE-2024-27335.json +++ b/2024/27xxx/CVE-2024-27335.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27335", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of PNG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22018." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-217/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-217/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27336.json b/2024/27xxx/CVE-2024-27336.json index b70eb7ea918..628a10f677d 100644 --- a/2024/27xxx/CVE-2024-27336.json +++ b/2024/27xxx/CVE-2024-27336.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27336", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PNG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22022." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-218/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-218/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/27xxx/CVE-2024-27337.json b/2024/27xxx/CVE-2024-27337.json index 8d390a8811c..7ca85205ac3 100644 --- a/2024/27xxx/CVE-2024-27337.json +++ b/2024/27xxx/CVE-2024-27337.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27337", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22033." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-230/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-230/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27338.json b/2024/27xxx/CVE-2024-27338.json index 1c3939bb9b4..a7703d3d480 100644 --- a/2024/27xxx/CVE-2024-27338.json +++ b/2024/27xxx/CVE-2024-27338.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27338", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF app response Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the implementation of the app.response method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22588." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-219/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-219/" + } + ] + }, + "source": { + "lang": "en", + "value": "rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27339.json b/2024/27xxx/CVE-2024-27339.json index cc796a25080..b5b831c8543 100644 --- a/2024/27xxx/CVE-2024-27339.json +++ b/2024/27xxx/CVE-2024-27339.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27339", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22925." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-231/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-231/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27340.json b/2024/27xxx/CVE-2024-27340.json index 24938832a68..25e26cfafcd 100644 --- a/2024/27xxx/CVE-2024-27340.json +++ b/2024/27xxx/CVE-2024-27340.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27340", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22926." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-220/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-220/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27341.json b/2024/27xxx/CVE-2024-27341.json index 2df58017b7a..1b443cfd9cb 100644 --- a/2024/27xxx/CVE-2024-27341.json +++ b/2024/27xxx/CVE-2024-27341.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27341", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22927." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-221/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-221/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27342.json b/2024/27xxx/CVE-2024-27342.json index a33498c7d92..9366cb5933d 100644 --- a/2024/27xxx/CVE-2024-27342.json +++ b/2024/27xxx/CVE-2024-27342.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27342", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22928." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-222/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-222/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27343.json b/2024/27xxx/CVE-2024-27343.json index 7685b524a33..858dda53317 100644 --- a/2024/27xxx/CVE-2024-27343.json +++ b/2024/27xxx/CVE-2024-27343.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27343", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22929." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-223/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-223/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/27xxx/CVE-2024-27344.json b/2024/27xxx/CVE-2024-27344.json index 1bd60f7b3fb..e5596fc0103 100644 --- a/2024/27xxx/CVE-2024-27344.json +++ b/2024/27xxx/CVE-2024-27344.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27344", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22931." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-224/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-224/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/27xxx/CVE-2024-27345.json b/2024/27xxx/CVE-2024-27345.json index bda1b9f31dd..097c5990f6e 100644 --- a/2024/27xxx/CVE-2024-27345.json +++ b/2024/27xxx/CVE-2024-27345.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22932." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-225/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-225/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/27xxx/CVE-2024-27346.json b/2024/27xxx/CVE-2024-27346.json index 68b31aaefa4..102e305e222 100644 --- a/2024/27xxx/CVE-2024-27346.json +++ b/2024/27xxx/CVE-2024-27346.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27346", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22934." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Kofax", + "product": { + "product_data": [ + { + "product_name": "Power PDF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.0.0.57 (5.0.0.10.0.23307)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-226/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-226/" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/27xxx/CVE-2024-27673.json b/2024/27xxx/CVE-2024-27673.json index 30d7c7e6a7a..814555cd186 100644 --- a/2024/27xxx/CVE-2024-27673.json +++ b/2024/27xxx/CVE-2024-27673.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2024-27673", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2024/27xxx/CVE-2024-27674.json b/2024/27xxx/CVE-2024-27674.json index 3858ead80b8..457820eec2d 100644 --- a/2024/27xxx/CVE-2024-27674.json +++ b/2024/27xxx/CVE-2024-27674.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27674", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27674", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Macro Expert through 4.9.4 allows BUILTIN\\Users:(OI)(CI)(M) access to the \"%PROGRAMFILES(X86)%\\GrassSoft\\Macro Expert\" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.macro-expert.com/", + "refsource": "MISC", + "name": "https://www.macro-expert.com/" + }, + { + "refsource": "MISC", + "name": "https://github.com/Alaatk/CVE-2024-27674/tree/main", + "url": "https://github.com/Alaatk/CVE-2024-27674/tree/main" } ] } diff --git a/2024/2xxx/CVE-2024-2005.json b/2024/2xxx/CVE-2024-2005.json index c66fe3a5080..38710d67920 100644 --- a/2024/2xxx/CVE-2024-2005.json +++ b/2024/2xxx/CVE-2024-2005.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "\n\n\nIn Blue Planet\u00ae products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.\n\nBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\n\n\n\n\n\n\n\n\n\n\n\n\n\n" + "value": "\nIn Blue Planet\u00ae products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.\n\nBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\n\n" } ] }, @@ -197,6 +197,12 @@ "value": "\nSoftware patch to be applied\n" } ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Prerit Chandok at Comcast" + } + ], "impact": { "cvss": [ { diff --git a/2024/30xxx/CVE-2024-30322.json b/2024/30xxx/CVE-2024-30322.json index a5e61dc3beb..1bea5ae52fc 100644 --- a/2024/30xxx/CVE-2024-30322.json +++ b/2024/30xxx/CVE-2024-30322.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30322", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22499." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-300/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-300/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30323.json b/2024/30xxx/CVE-2024-30323.json index 0f2a02096da..c1fb6c60b8e 100644 --- a/2024/30xxx/CVE-2024-30323.json +++ b/2024/30xxx/CVE-2024-30323.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30323", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-301/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-301/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30324.json b/2024/30xxx/CVE-2024-30324.json index 064a021c312..d159649bae5 100644 --- a/2024/30xxx/CVE-2024-30324.json +++ b/2024/30xxx/CVE-2024-30324.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30324", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22576." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-302/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-302/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30325.json b/2024/30xxx/CVE-2024-30325.json index 5a93c712ad4..a5ca859cbf9 100644 --- a/2024/30xxx/CVE-2024-30325.json +++ b/2024/30xxx/CVE-2024-30325.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30325", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22592." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-314/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-314/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30326.json b/2024/30xxx/CVE-2024-30326.json index c5474add675..f329cf3df0a 100644 --- a/2024/30xxx/CVE-2024-30326.json +++ b/2024/30xxx/CVE-2024-30326.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30326", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22593." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-313/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-313/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30327.json b/2024/30xxx/CVE-2024-30327.json index 33aa2520873..edeb911a64d 100644 --- a/2024/30xxx/CVE-2024-30327.json +++ b/2024/30xxx/CVE-2024-30327.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30327", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of template objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22632." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-311/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-311/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30328.json b/2024/30xxx/CVE-2024-30328.json index 4c2a3790428..d9aafc6a44c 100644 --- a/2024/30xxx/CVE-2024-30328.json +++ b/2024/30xxx/CVE-2024-30328.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30328", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22633." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-312/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-312/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30329.json b/2024/30xxx/CVE-2024-30329.json index a884ea51f09..e3f53de0c44 100644 --- a/2024/30xxx/CVE-2024-30329.json +++ b/2024/30xxx/CVE-2024-30329.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30329", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22634." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-310/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-310/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30330.json b/2024/30xxx/CVE-2024-30330.json index 611b65d371b..055cf29e023 100644 --- a/2024/30xxx/CVE-2024-30330.json +++ b/2024/30xxx/CVE-2024-30330.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30330", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-309/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-309/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30331.json b/2024/30xxx/CVE-2024-30331.json index a06864454f1..b134d99a648 100644 --- a/2024/30xxx/CVE-2024-30331.json +++ b/2024/30xxx/CVE-2024-30331.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30331", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22637." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-308/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-308/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30332.json b/2024/30xxx/CVE-2024-30332.json index ec3bd511627..4c0ef2da4c1 100644 --- a/2024/30xxx/CVE-2024-30332.json +++ b/2024/30xxx/CVE-2024-30332.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30332", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22638." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-305/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-305/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30333.json b/2024/30xxx/CVE-2024-30333.json index 54f9d26af71..5ce8bd5609a 100644 --- a/2024/30xxx/CVE-2024-30333.json +++ b/2024/30xxx/CVE-2024-30333.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30333", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22639." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-307/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-307/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30334.json b/2024/30xxx/CVE-2024-30334.json index 195f88c51c5..8fc7e07b98f 100644 --- a/2024/30xxx/CVE-2024-30334.json +++ b/2024/30xxx/CVE-2024-30334.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30334", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22640." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-306/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-306/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30366.json b/2024/30xxx/CVE-2024-30366.json index b612df0a6fd..3c0dc0b85fa 100644 --- a/2024/30xxx/CVE-2024-30366.json +++ b/2024/30xxx/CVE-2024-30366.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30366", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23002." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-344/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-344/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/31xxx/CVE-2024-31420.json b/2024/31xxx/CVE-2024-31420.json index dd2f9ad4442..32dfeb90602 100644 --- a/2024/31xxx/CVE-2024-31420.json +++ b/2024/31xxx/CVE-2024-31420.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio." + "value": "A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine." } ] }, @@ -52,6 +52,19 @@ } ] } + }, + { + "product_name": "kubevirt", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } } ] } @@ -67,7 +80,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "affected" + "defaultStatus": "unaffected" } } ] diff --git a/2024/31xxx/CVE-2024-31436.json b/2024/31xxx/CVE-2024-31436.json new file mode 100644 index 00000000000..90d3193f077 --- /dev/null +++ b/2024/31xxx/CVE-2024-31436.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31436", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31437.json b/2024/31xxx/CVE-2024-31437.json new file mode 100644 index 00000000000..812572a66db --- /dev/null +++ b/2024/31xxx/CVE-2024-31437.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31437", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31438.json b/2024/31xxx/CVE-2024-31438.json new file mode 100644 index 00000000000..400b232b080 --- /dev/null +++ b/2024/31xxx/CVE-2024-31438.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31439.json b/2024/31xxx/CVE-2024-31439.json new file mode 100644 index 00000000000..713a1de3275 --- /dev/null +++ b/2024/31xxx/CVE-2024-31439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31440.json b/2024/31xxx/CVE-2024-31440.json new file mode 100644 index 00000000000..28b9bc77c01 --- /dev/null +++ b/2024/31xxx/CVE-2024-31440.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3266.json b/2024/3xxx/CVE-2024-3266.json new file mode 100644 index 00000000000..db3d3fa9054 --- /dev/null +++ b/2024/3xxx/CVE-2024-3266.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3266", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3267.json b/2024/3xxx/CVE-2024-3267.json new file mode 100644 index 00000000000..06b68561454 --- /dev/null +++ b/2024/3xxx/CVE-2024-3267.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3267", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file