admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#9228

Browse Source 
Auto-merge PR#9228
This commit is contained in:
CVE Team 2023-07-10 02:30:20 -04:00 committed by GitHub
commit fc0468422d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2023/37xxx/CVE-2023-37288.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": { "CVE_data_meta": {
"AKA": "TWCERT/CC", "AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw", "ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2023-07-10T01:02:00.000Z", "DATE_PUBLIC": "2023-07-10T06:02:00.000Z",
"ID": "CVE-2023-37288", "ID": "CVE-2023-37288",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "SmartBPM.NET - Path Traversal" "TITLE": "SmartBPM.NET - Path Traversal"
@ -19,14 +19,14 @@
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.70" "version_value": " 6.70"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "SamrtSoft" "vendor_name": "SmartSoft"
} }
] ]
} }
@ -38,7 +38,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated remote attacker can exploit this vulnerability to access system with regular user privilege to read application data, and execute submission and approval processes." "value": "SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files."
} }
] ]
}, },