Auto-merge PR#9228

2025-06-19 17:32:41 +00:00 · 2023-07-10 02:30:20 -04:00 · 2023-07-10 02:30:20 -04:00 · fc0468422d
commit fc0468422d
parent a5b64cf375 b6dac56a0f
1 changed files with 4 additions and 4 deletions
--- a/2023/37xxx/CVE-2023-37288.json
+++ b/2023/37xxx/CVE-2023-37288.json
@ -2,7 +2,7 @@
    "CVE_data_meta": {
        "AKA": "TWCERT/CC",
        "ASSIGNER": "cve@cert.org.tw",
-        "DATE_PUBLIC": "2023-07-10T01:02:00.000Z",
+        "DATE_PUBLIC": "2023-07-10T06:02:00.000Z",
        "ID": "CVE-2023-37288",
        "STATE": "PUBLIC",
        "TITLE": "SmartBPM.NET - Path Traversal"
@ -26,7 +26,7 @@
                            }
                        ]
                    },
-                    "vendor_name": "SamrtSoft"
+                    "vendor_name": "SmartSoft"
                }
            ]
        }
@ -38,7 +38,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated remote attacker can exploit this vulnerability to access system with regular user privilege to read application data, and execute submission and approval processes."
+                "value": "SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files."
            }
        ]
    },