diff --git a/2023/29xxx/CVE-2023-29158.json b/2023/29xxx/CVE-2023-29158.json index 31976afe6d8..d62a48c6f8f 100644 --- a/2023/29xxx/CVE-2023-29158.json +++ b/2023/29xxx/CVE-2023-29158.json @@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-29158", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\n\n\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.\n\n\n\n\n\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-294 Authentication Bypass by Capture-replay", + "cweId": "CWE-294" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SUBNET Solutions Inc.", + "product": { + "product_data": [ + { + "product_name": "PowerSYSTEM Center", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2020 U10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "INTERNAL" + }, + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

SUBNET Solutions recommends users to follow the following workarounds:


\n\n
" + } + ], + "value": "\nSUBNET Solutions recommends users to follow the following workarounds:\n\n * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\n * Users should verify network security rules to ensure that outbound connections to the internet are not possible.\n * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\n * Monitor user activity and ensure application control rules only allow preauthorized executables to run.\n * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\n\n\n\n\n\n\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

SUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).


" + } + ], + "value": "\nSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\n\n\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "SUBNET Solutions reported these vulnerabilities to CISA." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/32xxx/CVE-2023-32659.json b/2023/32xxx/CVE-2023-32659.json index 4b67916e914..ba0bca817ae 100644 --- a/2023/32xxx/CVE-2023-32659.json +++ b/2023/32xxx/CVE-2023-32659.json @@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32659", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.\n\n\n\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SUBNET Solutions Inc.", + "product": { + "product_data": [ + { + "product_name": "PowerSYSTEM Center", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2020 U10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "INTERNAL" + }, + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

SUBNET Solutions recommends users to follow the following workarounds:

\n\n
" + } + ], + "value": "\nSUBNET Solutions recommends users to follow the following workarounds:\n\n * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\n * Users should verify network security rules to ensure that outbound connections to the internet are not possible.\n * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\n * Monitor user activity and ensure application control rules only allow preauthorized executables to run.\n * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\n\n\n\n\n\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

SUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).


\n\n
" + } + ], + "value": "\nSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\n\n\n\n\n\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "SUBNET Solutions reported these vulnerabilities to CISA." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:L", + "version": "3.1" } ] } diff --git a/2023/3xxx/CVE-2023-3315.json b/2023/3xxx/CVE-2023-3315.json index 771fa017616..ccb08e034ad 100644 --- a/2023/3xxx/CVE-2023-3315.json +++ b/2023/3xxx/CVE-2023-3315.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-3315", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing permission checks in Jenkins Team Concert Plugin 2.4.1 and earlier allow attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Team Concert Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "2.4.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2932", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2932" } ] }