admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-12-08 06:00:31 +00:00
parent 73b5cc17a5
commit ec1836f518
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
3 changed files with 204 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
2023/32xxx/CVE-2023-32460.json
View File

@ -1,17 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-32460",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@dell.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\nDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dell",
"product": {
"product_data": [
{
"product_name": "PowerEdge Platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions prior to 1.6.6"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.3.6"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.1.2"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.12.1"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.8.1"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.13.3"
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.13.3"
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.20.1"
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.20.0"
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.15.1"
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.21.0"
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.18.1 "
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.13.0\u202f "
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.18.2 "
},
{
"version_affected": "=",
"version_value": "Versions prior to 1.18.1\u202f "
},
{
"version_affected": "=",
"version_value": "Versions prior to 2.19.1\u202f "
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability",
"refsource": "MISC",
"name": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

10
2023/42xxx/CVE-2023-42568.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with SystemUI privilege."
"value": "Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege."
}
]
},
@ -77,12 +77,12 @@
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseSeverity": "MEDIUM",
"baseScore": 5.9,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
}
]
}

71
2023/45xxx/CVE-2023-45866.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-45866",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-45866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bluetooth.com",
"refsource": "MISC",
"name": "https://bluetooth.com"
},
{
"url": "http://changelogs.ubuntu.com/changelogs/pool/main/b/bluez/bluez_5.64-0ubuntu1/changelog",
"refsource": "MISC",
"name": "http://changelogs.ubuntu.com/changelogs/pool/main/b/bluez/bluez_5.64-0ubuntu1/changelog"
},
{
"refsource": "MISC",
"name": "https://github.com/skysafe/reblog/tree/main/cve-2023-45866",
"url": "https://github.com/skysafe/reblog/tree/main/cve-2023-45866"
},
{
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675",
"url": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675"
}
]
}