diff --git a/2023/20xxx/CVE-2023-20268.json b/2023/20xxx/CVE-2023-20268.json index 4763886ac82..0dd44f5ac24 100644 --- a/2023/20xxx/CVE-2023-20268.json +++ b/2023/20xxx/CVE-2023-20268.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.\r\n\r This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic." + "value": "A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. \r\n\r\nThis vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic." } ] }, 
@@ -41,91 +41,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "8.2.100.0" - }, - { - "version_affected": "=", - "version_value": "8.2.130.0" - }, - { - "version_affected": "=", - "version_value": "8.2.111.0" - }, - { - "version_affected": "=", - "version_value": "8.2.110.0" - }, - { - "version_affected": "=", - "version_value": "8.2.121.0" - }, - { - "version_affected": "=", - "version_value": "8.2.141.0" - }, - { - "version_affected": "=", - "version_value": "8.2.151.0" - }, - { - "version_affected": "=", - "version_value": "8.2.160.0" - }, - { - "version_affected": "=", - "version_value": "8.2.161.0" - }, - { - "version_affected": "=", - "version_value": "8.2.164.0" - }, - { - "version_affected": "=", - "version_value": "8.2.166.0" - }, - { - "version_affected": "=", - "version_value": "8.2.170.0" - }, - { - "version_affected": "=", - "version_value": "8.2.163.0" - }, - { - "version_affected": "=", - "version_value": "8.3.102.0" - }, - { - "version_affected": "=", - "version_value": "8.3.111.0" - }, - { - "version_affected": "=", - "version_value": "8.3.112.0" - }, - { - "version_affected": "=", - "version_value": "8.3.121.0" - }, - { - "version_affected": "=", - "version_value": "8.3.122.0" - }, - { - "version_affected": "=", - "version_value": "8.3.130.0" - }, - { - "version_affected": "=", - "version_value": "8.3.131.0" - }, - { - "version_affected": "=", - "version_value": "8.3.132.0" - }, - { - "version_affected": "=", - "version_value": "8.3.133.0" + "version_value": "8.3.135.0" }, { "version_affected": "=", 
@@ -133,160 +49,92 @@ }, { "version_affected": "=", - "version_value": "8.3.141.0" - }, - { - "version_affected": "=", - "version_value": "8.3.143.0" - }, - { - "version_affected": "=", - "version_value": "8.3.150.0" - }, - { - "version_affected": "=", - "version_value": "8.3.108.0" - }, - { - "version_affected": "=", - "version_value": "8.3.90.53" - }, - { - "version_affected": "=", - "version_value": "8.3.104.46" - }, - { - "version_affected": "=", - "version_value": "8.3.200.200" - }, - { - "version_affected": "=", - "version_value": "8.3.104.64" - }, - { - "version_affected": "=", - "version_value": "8.3.15.165" - }, - { - "version_affected": "=", - "version_value": "8.3.90.11" - }, - { - "version_affected": "=", - "version_value": "8.3.135.0" - }, - { - "version_affected": "=", - "version_value": "8.3.104.14" - }, - { - "version_affected": "=", - "version_value": "8.3.90.36" - }, - { - "version_affected": "=", - "version_value": "8.3.15.142" - }, - { - "version_affected": "=", - "version_value": "8.3.104.37" - }, - { - "version_affected": "=", - "version_value": "8.3.15.117" - }, - { - "version_affected": "=", - "version_value": "8.3.15.120" - }, - { - "version_affected": "=", - "version_value": "8.3.15.25" - }, - { - "version_affected": "=", - "version_value": "8.3.15.158" - }, - { - "version_affected": "=", - "version_value": "8.3.15.118" - }, - { - "version_affected": "=", - "version_value": "8.3.90.25" - }, - { - "version_affected": "=", - "version_value": "8.3.15.169" - }, - { - "version_affected": "=", - "version_value": "8.3.90.58" - }, - { - "version_affected": "=", - "version_value": "8.4.100.0" - }, - { - "version_affected": "=", - "version_value": "8.4.1.199" - }, - { - "version_affected": "=", - "version_value": "8.4.1.91" - }, - { - "version_affected": "=", - "version_value": "8.4.1.142" - }, - { - "version_affected": "=", - "version_value": "8.4.1.175" - }, - { - "version_affected": "=", - "version_value": "8.4.1.218" - }, - { - 
"version_affected": "=", - "version_value": "8.4.1.92" - }, - { - "version_affected": "=", - "version_value": "8.5.103.0" - }, - { - "version_affected": "=", - "version_value": "8.5.105.0" - }, - { - "version_affected": "=", - "version_value": "8.5.110.0" - }, - { - "version_affected": "=", - "version_value": "8.5.120.0" - }, - { - "version_affected": "=", - "version_value": "8.5.131.0" - }, - { - "version_affected": "=", - "version_value": "8.5.140.0" - }, - { - "version_affected": "=", - "version_value": "8.5.135.0" + "version_value": "8.8.111.0" }, { "version_affected": "=", "version_value": "8.5.151.0" }, + { + "version_affected": "=", + "version_value": "8.3.104.46" + }, + { + "version_affected": "=", + "version_value": "8.10.121.0" + }, + { + "version_affected": "=", + "version_value": "8.4.1.218" + }, + { + "version_affected": "=", + "version_value": "8.3.122.0" + }, + { + "version_affected": "=", + "version_value": "8.8.100.0" + }, + { + "version_affected": "=", + "version_value": "8.3.131.0" + }, + { + "version_affected": "=", + "version_value": "8.5.140.0" + }, + { + "version_affected": "=", + "version_value": "8.3.132.0" + }, + { + "version_affected": "=", + "version_value": "8.5.100.0" + }, + { + "version_affected": "=", + "version_value": "8.5.103.0" + }, + { + "version_affected": "=", + "version_value": "8.3.133.0" + }, + { + "version_affected": "=", + "version_value": "8.3.150.0" + }, { "version_affected": "=", "version_value": "8.5.101.0" }, + { + "version_affected": "=", + "version_value": "8.5.105.0" + }, + { + "version_affected": "=", + "version_value": "8.10.122.0" + }, + { + "version_affected": "=", + "version_value": "8.8.130.0" + }, + { + "version_affected": "=", + "version_value": "8.10.112.0" + }, + { + "version_affected": "=", + "version_value": "8.3.143.0" + }, + { + "version_affected": "=", + "version_value": "8.8.120.0" + }, + { + "version_affected": "=", + "version_value": "8.9.111.0" + }, { "version_affected": "=", "version_value": 
"8.5.102.0" 
@@ -297,103 +145,111 @@ }, { "version_affected": "=", - "version_value": "8.5.160.0" - }, - { - "version_affected": "=", - "version_value": "8.5.100.0" - }, - { - "version_affected": "=", - "version_value": "8.5.171.0" - }, - { - "version_affected": "=", - "version_value": "8.5.164.0" - }, - { - "version_affected": "=", - "version_value": "8.5.182.0" - }, - { - "version_affected": "=", - "version_value": "8.5.182.11 ME" - }, - { - "version_affected": "=", - "version_value": "8.7.102.0" - }, - { - "version_affected": "=", - "version_value": "8.7.106.0" - }, - { - "version_affected": "=", - "version_value": "8.7.1.16" - }, - { - "version_affected": "=", - "version_value": "8.8.100.0" - }, - { - "version_affected": "=", - "version_value": "8.8.111.0" - }, - { - "version_affected": "=", - "version_value": "8.8.120.0" - }, - { - "version_affected": "=", - "version_value": "8.8.125.0" - }, - { - "version_affected": "=", - "version_value": "8.8.130.0" - }, - { - "version_affected": "=", - "version_value": "8.6.101.0" - }, - { - "version_affected": "=", - "version_value": "8.6.1.84" - }, - { - "version_affected": "=", - "version_value": "8.6.1.70" - }, - { - "version_affected": "=", - "version_value": "8.6.1.71" + "version_value": "8.3.121.0" }, { "version_affected": "=", "version_value": "8.9.100.0" }, - { - "version_affected": "=", - "version_value": "8.9.111.0" - }, - { - "version_affected": "=", - "version_value": "8.10.105.0" - }, { "version_affected": "=", "version_value": "8.10.111.0" }, + { + "version_affected": "=", + "version_value": "8.2.170.0" + }, + { + "version_affected": "=", + "version_value": "8.2.163.0" + }, { "version_affected": "=", "version_value": "8.10.130.0" }, { "version_affected": "=", - "version_value": "8.10.112.0" + "version_value": "8.10.105.0" }, { "version_affected": "=", - "version_value": "8.10.122.0" + "version_value": "8.6.101.0" + }, + { + "version_affected": "=", + "version_value": "8.3.104.64" + }, + { + "version_affected": "=", + 
"version_value": "8.3.15.117" + }, + { + "version_affected": "=", + "version_value": "8.5.110.0" + }, + { + "version_affected": "=", + "version_value": "8.2.161.0" + }, + { + "version_affected": "=", + "version_value": "8.4.1.199" + }, + { + "version_affected": "=", + "version_value": "8.4.100.0" + }, + { + "version_affected": "=", + "version_value": "8.5.131.0" + }, + { + "version_affected": "=", + "version_value": "8.7.1.16" + }, + { + "version_affected": "=", + "version_value": "8.4.1.175" + }, + { + "version_affected": "=", + "version_value": "8.3.141.0" + }, + { + "version_affected": "=", + "version_value": "8.3.108.0" + }, + { + "version_affected": "=", + "version_value": "8.2.111.0" + }, + { + "version_affected": "=", + "version_value": "8.5.135.0" + }, + { + "version_affected": "=", + "version_value": "8.2.160.0" + }, + { + "version_affected": "=", + "version_value": "8.5.120.0" + }, + { + "version_affected": "=", + "version_value": "8.6.1.84" + }, + { + "version_affected": "=", + "version_value": "8.7.106.0" + }, + { + "version_affected": "=", + "version_value": "8.6.1.70" + }, + { + "version_affected": "=", + "version_value": "8.3.90.36" }, { "version_affected": "=", 
@@ -401,7 +257,139 @@ }, { "version_affected": "=", - "version_value": "8.10.121.0" + "version_value": "8.7.102.0" + }, + { + "version_affected": "=", + "version_value": "8.2.130.0" + }, + { + "version_affected": "=", + "version_value": "8.3.130.0" + }, + { + "version_affected": "=", + "version_value": "8.2.110.0" + }, + { + "version_affected": "=", + "version_value": "8.3.15.142" + }, + { + "version_affected": "=", + "version_value": "8.3.111.0" + }, + { + "version_affected": "=", + "version_value": "8.4.1.142" + }, + { + "version_affected": "=", + "version_value": "8.6.1.71" + }, + { + "version_affected": "=", + "version_value": "8.3.104.14" + }, + { + "version_affected": "=", + "version_value": "8.8.125.0" + }, + { + "version_affected": "=", + "version_value": "8.3.112.0" + }, + { + "version_affected": "=", + "version_value": "8.2.151.0" + }, + { + "version_affected": "=", + "version_value": "8.3.90.53" + }, + { + "version_affected": "=", + "version_value": "8.3.102.0" + }, + { + "version_affected": "=", + "version_value": "8.2.166.0" + }, + { + "version_affected": "=", + "version_value": "8.2.164.0" + }, + { + "version_affected": "=", + "version_value": "8.5.160.0" + }, + { + "version_affected": "=", + "version_value": "8.3.15.165" + }, + { + "version_affected": "=", + "version_value": "8.4.2.75" + }, + { + "version_affected": "=", + "version_value": "8.3.90.58" + }, + { + "version_affected": "=", + "version_value": "8.3.90.25" + }, + { + "version_affected": "=", + "version_value": "8.2.141.0" + }, + { + "version_affected": "=", + "version_value": "8.3.90.11" + }, + { + "version_affected": "=", + "version_value": "8.3.15.169" + }, + { + "version_affected": "=", + "version_value": "8.3.15.158" + }, + { + "version_affected": "=", + "version_value": "8.3.15.25" + }, + { + "version_affected": "=", + "version_value": "8.3.104.37" + }, + { + "version_affected": "=", + "version_value": "8.4.1.91" + }, + { + "version_affected": "=", + "version_value": "8.2.100.0" + }, 
+ { + "version_affected": "=", + "version_value": "8.2.121.0" + }, + { + "version_affected": "=", + "version_value": "8.3.15.120" + }, + { + "version_affected": "=", + "version_value": "8.3.15.118" + }, + { + "version_affected": "=", + "version_value": "8.4.1.92" + }, + { + "version_affected": "=", + "version_value": "8.3.200.200" }, { "version_affected": "=", @@ -413,16 +401,44 @@ }, { "version_affected": "=", - "version_value": "8.10.151.0" + "version_value": "8.5.171.0" }, { "version_affected": "=", "version_value": "8.10.150.0" }, + { + "version_affected": "=", + "version_value": "8.10.151.0" + }, + { + "version_affected": "=", + "version_value": "8.5.164.0" + }, + { + "version_affected": "=", + "version_value": "8.10.161.0" + }, + { + "version_affected": "=", + "version_value": "8.10.162.0" + }, + { + "version_affected": "=", + "version_value": "8.5.182.0" + }, { "version_affected": "=", "version_value": "8.10.171.0" }, + { + "version_affected": "=", + "version_value": "8.10.170.0" + }, + { + "version_affected": "=", + "version_value": "8.10.180.0" + }, { "version_affected": "=", "version_value": "8.10.181.0" 
@@ -431,88 +447,17 @@ "version_affected": "=", "version_value": "8.10.182.0" }, - { - "version_affected": "=", - "version_value": "8.10.161.0" - }, - { - "version_affected": "=", - "version_value": "8.10.170.0" - }, { "version_affected": "=", "version_value": "8.10.183.0" }, { "version_affected": "=", - "version_value": "8.10.162.0" - } - ] - } - }, - { - "product_name": "Cisco Business Wireless Access Point Software", - "version": { - "version_data": [ - { - "version_affected": "=", - "version_value": "10.0.1.0" + "version_value": "8.10.185.0" }, { "version_affected": "=", - "version_value": "10.0.2.0" - }, - { - "version_affected": "=", - "version_value": "10.1.1.0" - }, - { - "version_affected": "=", - "version_value": "10.1.2.0" - }, - { - "version_affected": "=", - "version_value": "10.2.1.0" - }, - { - "version_affected": "=", - "version_value": "10.2.2.0" - }, - { - "version_affected": "=", - "version_value": "10.3.1.0" - }, - { - "version_affected": "=", - "version_value": "10.3.1.1" - }, - { - "version_affected": "=", - "version_value": "10.3.2.0" - }, - { - "version_affected": "=", - "version_value": "10.4.1.0" - }, - { - "version_affected": "=", - "version_value": "10.4.2.0" - }, - { - "version_affected": "=", - "version_value": "10.6.1.0" - }, - { - "version_affected": "=", - "version_value": "10.7.1.0" - }, - { - "version_affected": "=", - "version_value": "10.8.1.0" - }, - { - "version_affected": "=", - "version_value": "10.5.2.0" + "version_value": "8.5.182.11 ME" } ] } @@ -523,7 +468,11 @@ "version_data": [ { "version_affected": "=", - "version_value": "16.10.1e" + "version_value": "17.1.1t" + }, + { + "version_affected": "=", + "version_value": "16.10.1s" }, { "version_affected": "=", 
@@ -531,20 +480,44 @@ }, { "version_affected": "=", - "version_value": "17.1.1t" + "version_value": "17.3.1" }, { "version_affected": "=", - "version_value": "17.1.1s" + "version_value": "16.11.1b" + }, + { + "version_affected": "=", + "version_value": "17.1.2" }, { "version_affected": "=", "version_value": "17.1.1" }, + { + "version_affected": "=", + "version_value": "16.12.4" + }, + { + "version_affected": "=", + "version_value": "17.2.2" + }, + { + "version_affected": "=", + "version_value": "16.12.3" + }, { "version_affected": "=", "version_value": "16.11.1a" }, + { + "version_affected": "=", + "version_value": "16.12.2t" + }, + { + "version_affected": "=", + "version_value": "16.10.1e" + }, { "version_affected": "=", "version_value": "16.11.1" 
@@ -555,95 +528,23 @@ }, { "version_affected": "=", - "version_value": "16.11.1b" + "version_value": "17.1.1s" + }, + { + "version_affected": "=", + "version_value": "16.12.3s" }, { "version_affected": "=", "version_value": "16.12.1s" }, - { - "version_affected": "=", - "version_value": "16.12.4" - }, - { - "version_affected": "=", - "version_value": "16.12.1" - }, - { - "version_affected": "=", - "version_value": "16.12.2s" - }, { "version_affected": "=", "version_value": "16.12.1t" }, { "version_affected": "=", - "version_value": "16.12.4a" - }, - { - "version_affected": "=", - "version_value": "16.12.5" - }, - { - "version_affected": "=", - "version_value": "16.12.3" - }, - { - "version_affected": "=", - "version_value": "16.12.6" - }, - { - "version_affected": "=", - "version_value": "16.12.8" - }, - { - "version_affected": "=", - "version_value": "16.12.7" - }, - { - "version_affected": "=", - "version_value": "16.12.6a" - }, - { - "version_affected": "=", - "version_value": "17.3.1" - }, - { - "version_affected": "=", - "version_value": "17.3.2a" - }, - { - "version_affected": "=", - "version_value": "17.3.3" - }, - { - "version_affected": "=", - "version_value": "17.3.4" - }, - { - "version_affected": "=", - "version_value": "17.3.5" - }, - { - "version_affected": "=", - "version_value": "17.3.2" - }, - { - "version_affected": "=", - "version_value": "17.3.4c" - }, - { - "version_affected": "=", - "version_value": "17.3.5a" - }, - { - "version_affected": "=", - "version_value": "17.3.5b" - }, - { - "version_affected": "=", - "version_value": "17.3.6" + "version_value": "16.12.2s" }, { "version_affected": "=", 
@@ -655,63 +556,222 @@ }, { "version_affected": "=", - "version_value": "17.2.3" + "version_value": "16.12.1" }, { "version_affected": "=", - "version_value": "17.2.2" + "version_value": "17.1.3" }, { "version_affected": "=", - "version_value": "17.5.1" + "version_value": "17.3.2a" + }, + { + "version_affected": "=", + "version_value": "16.12.5" + }, + { + "version_affected": "=", + "version_value": "17.3.2" }, { "version_affected": "=", "version_value": "17.4.1" }, + { + "version_affected": "=", + "version_value": "16.12.4a" + }, + { + "version_affected": "=", + "version_value": "17.3.3" + }, + { + "version_affected": "=", + "version_value": "17.2.3" + }, + { + "version_affected": "=", + "version_value": "17.5.1" + }, { "version_affected": "=", "version_value": "17.4.2" }, + { + "version_affected": "=", + "version_value": "17.3.5" + }, + { + "version_affected": "=", + "version_value": "17.3.4" + }, + { + "version_affected": "=", + "version_value": "16.12.6" + }, { "version_affected": "=", "version_value": "17.6.1" }, + { + "version_affected": "=", + "version_value": "17.7.1" + }, { "version_affected": "=", "version_value": "17.6.2" }, + { + "version_affected": "=", + "version_value": "16.12.6a" + }, + { + "version_affected": "=", + "version_value": "17.3.4c" + }, + { + "version_affected": "=", + "version_value": "16.12.7" + }, + { + "version_affected": "=", + "version_value": "17.3.5a" + }, { "version_affected": "=", "version_value": "17.6.3" }, { "version_affected": "=", - "version_value": "17.6.4" - }, - { - "version_affected": "=", - "version_value": "17.6.5" - }, - { - "version_affected": "=", - "version_value": "17.10.1" + "version_value": "17.8.1" }, { "version_affected": "=", "version_value": "17.9.1" }, + { + "version_affected": "=", + "version_value": "16.12.8" + }, + { + "version_affected": "=", + "version_value": "17.6.4" + }, + { + "version_affected": "=", + "version_value": "17.3.5b" + }, + { + "version_affected": "=", + "version_value": "17.3.6" + }, 
+ { + "version_affected": "=", + "version_value": "17.10.1" + }, { "version_affected": "=", "version_value": "17.9.2" }, { "version_affected": "=", - "version_value": "17.7.1" + "version_value": "17.6.5" }, { "version_affected": "=", - "version_value": "17.8.1" + "version_value": "17.3.7" + }, + { + "version_affected": "=", + "version_value": "17.9.3" + }, + { + "version_affected": "=", + "version_value": "17.11.1" + }, + { + "version_affected": "=", + "version_value": "17.6.6" + }, + { + "version_affected": "=", + "version_value": "17.3.8" + } + ] + } + }, + { + "product_name": "Cisco Business Wireless Access Point Software", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.3.1.0" + }, + { + "version_affected": "=", + "version_value": "10.0.1.0" + }, + { + "version_affected": "=", + "version_value": "10.2.1.0" + }, + { + "version_affected": "=", + "version_value": "10.1.1.0" + }, + { + "version_affected": "=", + "version_value": "10.3.1.1" + }, + { + "version_affected": "=", + "version_value": "10.4.1.0" + }, + { + "version_affected": "=", + "version_value": "10.6.1.0" + }, + { + "version_affected": "=", + "version_value": "10.1.2.0" + }, + { + "version_affected": "=", + "version_value": "10.0.2.0" + }, + { + "version_affected": "=", + "version_value": "10.7.1.0" + }, + { + "version_affected": "=", + "version_value": "10.2.2.0" + }, + { + "version_affected": "=", + "version_value": "0.0.0.0" + }, + { + "version_affected": "=", + "version_value": "10.3.2.0" + }, + { + "version_affected": "=", + "version_value": "10.4.2.0" + }, + { + "version_affected": "=", + "version_value": "10.8.1.0" + }, + { + "version_affected": "=", + "version_value": "10.5.2.0" + }, + { + "version_affected": "=", + "version_value": "10.9.1.0" } ] } diff --git a/2024/12xxx/CVE-2024-12582.json b/2024/12xxx/CVE-2024-12582.json new file mode 100644 index 00000000000..c808f3195bc --- /dev/null +++ b/2024/12xxx/CVE-2024-12582.json 
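Review bot: The re-added "Cisco Business Wireless Access Point Software" list in CVE-2023-20268.json now carries `"version_value": "0.0.0.0"` with `"version_affected": "="`, an entry that was not in the list this commit removes and does not look like a shipped release next to the 10.x values. If it is an upstream placeholder, tooling that matches exact version strings will either never hit it or will mis-associate unversioned assets, so it should be checked against the vendor advisory and dropped if it is not a real build. The same list also gains `10.9.1.0`, while most of the other hunks in this file only reorder entries. Comparing the old and new version sets, rather than reading the hunks, is the reliable way to confirm what actually changed.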
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-12582",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/12xxx/CVE-2024-12583.json b/2024/12xxx/CVE-2024-12583.json
new file mode 100644
index 00000000000..4dc52d389f0
--- /dev/null
+++ b/2024/12xxx/CVE-2024-12583.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-12583",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/12xxx/CVE-2024-12584.json b/2024/12xxx/CVE-2024-12584.json
new file mode 100644
index 00000000000..2763923d1a1
--- /dev/null
+++ b/2024/12xxx/CVE-2024-12584.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-12584",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/20xxx/CVE-2024-20767.json b/2024/20xxx/CVE-2024-20767.json index e5033a3f671..d8911b926bb 100644 --- a/2024/20xxx/CVE-2024-20767.json +++ b/2024/20xxx/CVE-2024-20767.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction." + "value": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify restricted files. Exploitation of this issue does not require user interaction. Exploitation of this issue requires the admin panel be exposed to the internet." } ] }, 
@@ -77,35 +77,35 @@ "impact": { "cvss": [ { - "attackComplexity": "LOW", + "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 8.2, + "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 8.2, + "environmentalScore": 7.4, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", + "integrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", + "modifiedAttackComplexity": "HIGH", "modifiedAttackVector": "NETWORK", "modifiedAvailabilityImpact": "NONE", "modifiedConfidentialityImpact": "HIGH", - "modifiedIntegrityImpact": "LOW", + "modifiedIntegrityImpact": "HIGH", "modifiedPrivilegesRequired": "NONE", - "modifiedScope": "NOT_DEFINED", + "modifiedScope": "UNCHANGED", "modifiedUserInteraction": "NONE", "privilegesRequired": "NONE", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 8.2, + "temporalScore": 7.4, "temporalSeverity": "HIGH", "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } ] diff --git a/2024/26xxx/CVE-2024-26050.json b/2024/26xxx/CVE-2024-26050.json index b0675433d13..6858c014746 100644 --- a/2024/26xxx/CVE-2024-26050.json +++ b/2024/26xxx/CVE-2024-26050.json 
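Review bot: The new vector for CVE-2024-20767 raises integrity to `I:H`, but the description updated in the previous hunk still leads with "could result in arbitrary file system read" and mentions modification only in the next sentence, so the prose and the score disagree on whether write access is part of the impact. If `I:H` is intended, the first sentence should name both, e.g. `could result in arbitrary file system read and write`. The base score drops from 8.2 to 7.4 despite the higher integrity impact because of `AC:H`, which appears to encode the added precondition that the admin panel is exposed to the internet. Deployments where that panel is reachable already meet the precondition, so triage there should not deprioritise on the lower base score alone.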
@@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + "value": "Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." } ] }, diff --git a/2024/26xxx/CVE-2024-26119.json b/2024/26xxx/CVE-2024-26119.json index 1402e3d7a00..1a0ccdaca1a 100644 --- a/2024/26xxx/CVE-2024-26119.json +++ b/2024/26xxx/CVE-2024-26119.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + "value": "Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or user's privacy. Exploitation of this issue does not require user interaction." } ] }, @@ -21,8 +21,8 @@ "description": [ { "lang": "eng", - "value": "Improper Access Control (CWE-284)", - "cweId": "CWE-284" + "value": "Information Exposure (CWE-200)", + "cweId": "CWE-200" } ] } 
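Review bot: The CVE-2024-26050 description now limits the actor to "an admin attacker", but this file's diff contains no CVSS hunk, so the record's `privilegesRequired` value is not shown to change with the wording. If the vector still carries a lower privilege level, the score overstates who can reach the stored XSS relative to the text. A record that really requires admin rights would be expected to read `"privilegesRequired": "HIGH"` with `PR:H` in `vectorString`. The CVSS block lies outside the visible hunk, so this needs confirming against the full file.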
diff --git a/2024/30xxx/CVE-2024-30281.json b/2024/30xxx/CVE-2024-30281.json index 00769e2e098..4a93d5eda5b 100644 --- a/2024/30xxx/CVE-2024-30281.json +++ b/2024/30xxx/CVE-2024-30281.json @@ -83,20 +83,20 @@ "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 5.5, "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "HIGH", + "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "NONE", - "modifiedIntegrityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", - "modifiedScope": "NOT_DEFINED", + "modifiedScope": "UNCHANGED", "modifiedUserInteraction": "REQUIRED", "privilegesRequired": "NONE", "remediationLevel": "NOT_DEFINED", @@ -105,7 +105,7 @@ "temporalScore": 5.5, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2024/30xxx/CVE-2024-30314.json b/2024/30xxx/CVE-2024-30314.json index 86b6a0073f4..5ab63780c22 100644 --- a/2024/30xxx/CVE-2024-30314.json +++ b/2024/30xxx/CVE-2024-30314.json 
@@ -78,34 +78,34 @@ "cvss": [ { "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 9.3, - "baseSeverity": "CRITICAL", + "baseScore": 7.8, + "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 9.3, - "environmentalSeverity": "CRITICAL", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "HIGH", "modifiedPrivilegesRequired": "NONE", - "modifiedScope": "NOT_DEFINED", + "modifiedScope": "UNCHANGED", "modifiedUserInteraction": "REQUIRED", "privilegesRequired": "NONE", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 9.3, - "temporalSeverity": "CRITICAL", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } ] diff --git a/2024/31xxx/CVE-2024-31670.json b/2024/31xxx/CVE-2024-31670.json index f56170c3420..86ea555fbd7 100644 --- a/2024/31xxx/CVE-2024-31670.json +++ b/2024/31xxx/CVE-2024-31670.json 
@@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31670", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31670", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "rizin before v0.6.3 is vulnerable to Buffer Overflow via create_cache_bins, read_cache_accel, and rz_dyldcache_new_buf functions in librz/bin/format/mach0/dyldcache.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02", + "refsource": "MISC", + "name": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02" } ] } diff --git a/2024/41xxx/CVE-2024-41836.json b/2024/41xxx/CVE-2024-41836.json index c693d778846..e76944e4eb8 100644 --- a/2024/41xxx/CVE-2024-41836.json +++ b/2024/41xxx/CVE-2024-41836.json 
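Review bot: The newly public CVE-2024-31670 record identifies the product and fixed release only in free text, since `product_name`, `vendor_name`, `version_value` and the `problemtype` value are all `"n/a"`. Consumers that match on structured fields will therefore not tie this entry to rizin or to a weakness class, and affected installs can be missed by automated inventory checks. Populating the fields from the description, for example `"product_name": "rizin"` with `"version_affected": "<", "version_value": "0.6.3"` and a buffer-overflow CWE under `problemtype`, would make the record machine-usable. The description also does not say whether the overflow is a read or a write, nor which memory region is involved. The referenced fix commit should settle that, and it affects how the issue is prioritised.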
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
+ "value": "InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
 }
 ]
 },
@@ -79,11 +79,11 @@
 {
 "attackComplexity": "LOW",
 "attackVector": "LOCAL",
- "availabilityImpact": "NONE",
+ "availabilityImpact": "HIGH",
 "availabilityRequirement": "NOT_DEFINED",
 "baseScore": 5.5,
 "baseSeverity": "MEDIUM",
- "confidentialityImpact": "HIGH",
+ "confidentialityImpact": "NONE",
 "confidentialityRequirement": "NOT_DEFINED",
 "environmentalScore": 5.5,
 "environmentalSeverity": "MEDIUM",
@@ -92,11 +92,11 @@
 "integrityRequirement": "NOT_DEFINED",
 "modifiedAttackComplexity": "LOW",
 "modifiedAttackVector": "LOCAL",
- "modifiedAvailabilityImpact": "NONE",
- "modifiedConfidentialityImpact": "HIGH",
+ "modifiedAvailabilityImpact": "HIGH",
+ "modifiedConfidentialityImpact": "NONE",
 "modifiedIntegrityImpact": "NONE",
 "modifiedPrivilegesRequired": "NONE",
- "modifiedScope": "NOT_DEFINED",
+ "modifiedScope": "UNCHANGED",
 "modifiedUserInteraction": "REQUIRED",
 "privilegesRequired": "NONE",
 "remediationLevel": "NOT_DEFINED",
@@ -105,7 +105,7 @@
 "temporalScore": 5.5,
 "temporalSeverity": "MEDIUM",
 "userInteraction": "REQUIRED",
- "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
 "version": "3.1"
 }
 ]
diff --git a/2024/41xxx/CVE-2024-41871.json b/2024/41xxx/CVE-2024-41871.json
index 517e4b3ab82..4d2253c5e27 100644
--- a/2024/41xxx/CVE-2024-41871.json
+++ b/2024/41xxx/CVE-2024-41871.json
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
+ "value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
 }
 ]
 },
diff --git a/2024/45xxx/CVE-2024-45119.json b/2024/45xxx/CVE-2024-45119.json
index 628a77ea686..b9f53f061e4 100644
--- a/2024/45xxx/CVE-2024-45119.json
+++ b/2024/45xxx/CVE-2024-45119.json
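Review bot: The `cvss` block of CVE-2024-41871 is not touched by any hunk, although the description hunk changes the stated impact from code execution to disclosure of sensitive memory, so the score may still reflect the earlier wording. The same applies to CVE-2024-45149 later in this diff, where the attacker changes from low-privileged to high-privileged with no matching CVSS hunk; CVE-2024-41836 and CVE-2024-45119 in the same commit update both description and score. Because the `cvss` blocks of these two files are outside the diff, this needs checking in the files themselves: for CVE-2024-41871 that `confidentialityImpact`, `integrityImpact`, `availabilityImpact` and `vectorString` describe a read-only disclosure, and for CVE-2024-45149 that the block reads `"privilegesRequired": "HIGH"` with `PR:H` in `vectorString`.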
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs and have a low impact on both confidentiality and integrity. Exploitation of this issue does not require user interaction and scope is changed."
+ "value": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction."
 }
 ]
 },
@@ -81,31 +81,31 @@
 "attackVector": "NETWORK",
 "availabilityImpact": "NONE",
 "availabilityRequirement": "NOT_DEFINED",
- "baseScore": 5.5,
+ "baseScore": 4.9,
 "baseSeverity": "MEDIUM",
- "confidentialityImpact": "LOW",
+ "confidentialityImpact": "HIGH",
 "confidentialityRequirement": "NOT_DEFINED",
- "environmentalScore": 5.5,
+ "environmentalScore": 4.9,
 "environmentalSeverity": "MEDIUM",
 "exploitCodeMaturity": "NOT_DEFINED",
- "integrityImpact": "LOW",
+ "integrityImpact": "NONE",
 "integrityRequirement": "NOT_DEFINED",
 "modifiedAttackComplexity": "LOW",
 "modifiedAttackVector": "NETWORK",
 "modifiedAvailabilityImpact": "NONE",
- "modifiedConfidentialityImpact": "LOW",
- "modifiedIntegrityImpact": "LOW",
+ "modifiedConfidentialityImpact": "HIGH",
+ "modifiedIntegrityImpact": "NONE",
 "modifiedPrivilegesRequired": "HIGH",
- "modifiedScope": "CHANGED",
+ "modifiedScope": "UNCHANGED",
 "modifiedUserInteraction": "NONE",
 "privilegesRequired": "HIGH",
 "remediationLevel": "NOT_DEFINED",
 "reportConfidence": "NOT_DEFINED",
- "scope": "CHANGED",
- "temporalScore": 5.5,
+ "scope": "UNCHANGED",
+ "temporalScore": 4.9,
 "temporalSeverity": "MEDIUM",
 "userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
 "version": "3.1"
 }
 ]
diff --git a/2024/45xxx/CVE-2024-45149.json b/2024/45xxx/CVE-2024-45149.json
index 93be6567b10..d3bb9c5ef4d 100644
--- a/2024/45xxx/CVE-2024-45149.json
+++ b/2024/45xxx/CVE-2024-45149.json
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction."
+ "value": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction."
 }
 ]
 },
diff --git a/2024/47xxx/CVE-2024-47238.json b/2024/47xxx/CVE-2024-47238.json
index d45e4e22744..404349a4a4c 100644
--- a/2024/47xxx/CVE-2024-47238.json
+++ b/2024/47xxx/CVE-2024-47238.json
@@ -1,17 +1,94 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-47238",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "secure@dell.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20: Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Dell",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Dell Client Platform BIOS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "N/A",
+ "version_value": "1.29.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.dell.com/support/kbdoc/en-us/000227595/dsa-2024-355",
+ "refsource": "MISC",
+ "name": "https://www.dell.com/support/kbdoc/en-us/000227595/dsa-2024-355"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dell Technologies would like to thank Eclypsium for reporting this issue."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "HIGH",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "HIGH",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
+ "version": "3.1"
 }
 ]
 }
diff --git a/2024/52xxx/CVE-2024-52035.json b/2024/52xxx/CVE-2024-52035.json
new file mode 100644
index 00000000000..59567877703
--- /dev/null
+++ b/2024/52xxx/CVE-2024-52035.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-52035",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/55xxx/CVE-2024-55662.json b/2024/55xxx/CVE-2024-55662.json
index fbbfc1b7b04..68b51b4c959 100644
--- a/2024/55xxx/CVE-2024-55662.json
+++ b/2024/55xxx/CVE-2024-55662.json
@@ -1,17 +1,108 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-55662",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Repository Application` is installed, any user can execute any code requiring `programming` rights on the server. This vulnerability has been fixed in XWiki 15.10.9 and 16.3.0. Since `Extension Repository Application` is not mandatory, it can be safely disabled on instances that do not use it as a workaround. It is also possible to manually apply the patches from commit 8659f17d500522bf33595e402391592a35a162e8 to the page `ExtensionCode.ExtensionSheet` and to the page `ExtensionCode.ExtensionAuthorsDisplayer`."
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "cweId": "CWE-96" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-863: Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.3-milestone-1, < 15.10.9" + }, + { + "version_affected": "=", + "version_value": ">= 16.0.0-rc-1, < 16.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-j2pq-22jj-4pm5", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-j2pq-22jj-4pm5" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/8659f17d500522bf33595e402391592a35a162e8", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/8659f17d500522bf33595e402391592a35a162e8" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21890", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21890" + } + ] + }, + "source": { + "advisory": "GHSA-j2pq-22jj-4pm5", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] }
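Review bot: `"baseScore": 10` in the new `impact` block does not match the vector next to it: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H` evaluates to 9.9 under the CVSS 3.1 formula, and 10.0 is only reached with `PR:N`. Either the score should read `"baseScore": 9.9,` or, if the description's "any user" includes unauthenticated visitors, `privilegesRequired` and the vector should become `NONE` / `PR:N`; the record does not say which is intended. Separately, both `version_data` entries pair `"version_affected": "="` with a range expression such as `">= 3.3-milestone-1, < 15.10.9"`, so a consumer that compares `version_value` for equality will never match an installed version and has to parse the range out of the string.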