"-Synchronized-Data."

2025-05-08 03:27:03 +00:00 · 2022-05-02 11:01:36 +00:00 · 2022-05-02 11:01:36 +00:00 · fcd6e88adc
commit fcd6e88adc
parent cf5a79e33a
1 changed files with 55 additions and 6 deletions
--- a/2022/23xxx/CVE-2022-23904.json
+++ b/2022/23xxx/CVE-2022-23904.json
@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2022-23904",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2022-23904",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Rainworx Auctionworx < 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an authenticated user to upgrade his account to admin and gain access to the auctionworx admin control panel. This vulnerability affects AuctionWorx Enterprise and AuctionWorx: Events Edition."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.rainworx.com/",
+                "refsource": "MISC",
+                "name": "https://www.rainworx.com/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://ebereorisi.com/blog/account-privilege-upgrade-on-auctionworx-software-cve-2022-23904/",
+                "url": "https://ebereorisi.com/blog/account-privilege-upgrade-on-auctionworx-software-cve-2022-23904/"
            }
        ]
    }