diff --git a/2023/0xxx/CVE-2023-0863.json b/2023/0xxx/CVE-2023-0863.json index c187c4aaed4..f5e233bb9bd 100644 --- a/2023/0xxx/CVE-2023-0863.json +++ b/2023/0xxx/CVE-2023-0863.json @@ -1,17 +1,166 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0863", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cybersecurity@ch.abb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287 Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ABB", + "product": { + "product_data": [ + { + "product_name": "Terra AC wallbox (UL40/80A)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.5.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (UL32A) ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) (Terra AC MID)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Terra AC Juno CE", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Terra AC PTB ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.5.25" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Symbiosis", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.2.7" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (JP)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch", + "refsource": "MISC", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/0xxx/CVE-2023-0864.json b/2023/0xxx/CVE-2023-0864.json index 99c59ba9638..728ecb3ae13 100644 --- a/2023/0xxx/CVE-2023-0864.json +++ b/2023/0xxx/CVE-2023-0864.json @@ -1,17 +1,166 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0864", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cybersecurity@ch.abb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-319 Cleartext Transmission of Sensitive Information", + "cweId": "CWE-319" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ABB", + "product": { + "product_data": [ + { + "product_name": "Terra AC wallbox (UL40/80A)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.5.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (UL32A) ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) (Terra AC MID)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Terra AC Juno CE", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Terra AC PTB ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.5.25" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (CE) Symbiosis", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.2.7" + } + ] + } + }, + { + "product_name": "Terra AC wallbox (JP)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0;0", + "version_value": "1.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch", + "refsource": "MISC", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/2xxx/CVE-2023-2469.json b/2023/2xxx/CVE-2023-2469.json index 68035372969..bb02eb0747c 100644 --- a/2023/2xxx/CVE-2023-2469.json +++ b/2023/2xxx/CVE-2023-2469.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2469", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@usom.gov.tr", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } diff --git a/2023/2xxx/CVE-2023-2754.json b/2023/2xxx/CVE-2023-2754.json new file mode 100644 index 00000000000..eb5ad6ea9c1 --- /dev/null +++ b/2023/2xxx/CVE-2023-2754.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-2754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file