From fd9535b234d79b5bd5bb81f7bd77695cf8756d87 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 5 Dec 2023 18:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/34xxx/CVE-2023-34872.json | 5 ++ 2023/41xxx/CVE-2023-41251.json | 18 ++++++++ 2023/43xxx/CVE-2023-43608.json | 5 -- 2023/43xxx/CVE-2023-43628.json | 5 -- 2023/43xxx/CVE-2023-43788.json | 5 ++ 2023/43xxx/CVE-2023-43789.json | 5 ++ 2023/45xxx/CVE-2023-45215.json | 18 ++++++++ 2023/45xxx/CVE-2023-45838.json | 5 -- 2023/45xxx/CVE-2023-45839.json | 5 -- 2023/45xxx/CVE-2023-45840.json | 5 -- 2023/45xxx/CVE-2023-45841.json | 5 -- 2023/45xxx/CVE-2023-45842.json | 5 -- 2023/46xxx/CVE-2023-46674.json | 84 ++++++++++++++++++++++++++++++++-- 2023/47xxx/CVE-2023-47856.json | 18 ++++++++ 2023/49xxx/CVE-2023-49606.json | 18 ++++++++ 2023/50xxx/CVE-2023-50239.json | 18 ++++++++ 2023/50xxx/CVE-2023-50240.json | 18 ++++++++ 2023/50xxx/CVE-2023-50243.json | 18 ++++++++ 2023/50xxx/CVE-2023-50244.json | 18 ++++++++ 2023/6xxx/CVE-2023-6345.json | 5 ++ 2023/6xxx/CVE-2023-6346.json | 5 ++ 2023/6xxx/CVE-2023-6347.json | 5 ++ 2023/6xxx/CVE-2023-6348.json | 5 ++ 2023/6xxx/CVE-2023-6350.json | 5 ++ 2023/6xxx/CVE-2023-6351.json | 5 ++ 2023/6xxx/CVE-2023-6448.json | 76 ++++++++++++++++++++++++++++-- 2023/6xxx/CVE-2023-6530.json | 18 ++++++++ 27 files changed, 360 insertions(+), 42 deletions(-) create mode 100644 2023/41xxx/CVE-2023-41251.json create mode 100644 2023/45xxx/CVE-2023-45215.json create mode 100644 2023/47xxx/CVE-2023-47856.json create mode 100644 2023/49xxx/CVE-2023-49606.json create mode 100644 2023/50xxx/CVE-2023-50239.json create mode 100644 2023/50xxx/CVE-2023-50240.json create mode 100644 2023/50xxx/CVE-2023-50243.json create mode 100644 2023/50xxx/CVE-2023-50244.json create mode 100644 2023/6xxx/CVE-2023-6530.json diff --git a/2023/34xxx/CVE-2023-34872.json b/2023/34xxx/CVE-2023-34872.json index 25f6de89147..0e798b0afdf 100644 --- a/2023/34xxx/CVE-2023-34872.json +++ b/2023/34xxx/CVE-2023-34872.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2023-4eff9e2cd6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2023-f0be0daaa5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/" } ] } diff --git a/2023/41xxx/CVE-2023-41251.json b/2023/41xxx/CVE-2023-41251.json new file mode 100644 index 00000000000..22c4e9d64c4 --- /dev/null +++ b/2023/41xxx/CVE-2023-41251.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-41251", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/43xxx/CVE-2023-43608.json b/2023/43xxx/CVE-2023-43608.json index c698690b651..fbe472bda4d 100644 --- a/2023/43xxx/CVE-2023-43608.json +++ b/2023/43xxx/CVE-2023-43608.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1845", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1845" } ] }, diff --git a/2023/43xxx/CVE-2023-43628.json b/2023/43xxx/CVE-2023-43628.json index 2ce98f44ccc..e4575f6aba3 100644 --- a/2023/43xxx/CVE-2023-43628.json +++ b/2023/43xxx/CVE-2023-43628.json @@ -58,11 +58,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1860", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1860" } ] }, diff --git a/2023/43xxx/CVE-2023-43788.json b/2023/43xxx/CVE-2023-43788.json index 79f6ae7b37d..da64931f49b 100644 --- a/2023/43xxx/CVE-2023-43788.json +++ b/2023/43xxx/CVE-2023-43788.json @@ -183,6 +183,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/" } ] }, diff --git a/2023/43xxx/CVE-2023-43789.json b/2023/43xxx/CVE-2023-43789.json index 6d2e9c775db..59958f49396 100644 --- a/2023/43xxx/CVE-2023-43789.json +++ b/2023/43xxx/CVE-2023-43789.json @@ -178,6 +178,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/" } ] }, diff --git a/2023/45xxx/CVE-2023-45215.json b/2023/45xxx/CVE-2023-45215.json new file mode 100644 index 00000000000..6f29dc670b1 --- /dev/null +++ b/2023/45xxx/CVE-2023-45215.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-45215", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/45xxx/CVE-2023-45838.json b/2023/45xxx/CVE-2023-45838.json index b99f3e224a9..af50e7d6b41 100644 --- a/2023/45xxx/CVE-2023-45838.json +++ b/2023/45xxx/CVE-2023-45838.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844" } ] }, diff --git a/2023/45xxx/CVE-2023-45839.json b/2023/45xxx/CVE-2023-45839.json index a959b4df1bf..2a45f8835b5 100644 --- a/2023/45xxx/CVE-2023-45839.json +++ b/2023/45xxx/CVE-2023-45839.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844" } ] }, diff --git a/2023/45xxx/CVE-2023-45840.json b/2023/45xxx/CVE-2023-45840.json index f8aa2875855..044199361dd 100644 --- a/2023/45xxx/CVE-2023-45840.json +++ b/2023/45xxx/CVE-2023-45840.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844" } ] }, diff --git a/2023/45xxx/CVE-2023-45841.json b/2023/45xxx/CVE-2023-45841.json index 7666ce6ad09..5acfe110429 100644 --- a/2023/45xxx/CVE-2023-45841.json +++ b/2023/45xxx/CVE-2023-45841.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844" } ] }, diff --git a/2023/45xxx/CVE-2023-45842.json b/2023/45xxx/CVE-2023-45842.json index 9c1a965f598..2a30174b8db 100644 --- a/2023/45xxx/CVE-2023-45842.json +++ b/2023/45xxx/CVE-2023-45842.json @@ -62,11 +62,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1844" } ] }, diff --git a/2023/46xxx/CVE-2023-46674.json b/2023/46xxx/CVE-2023-46674.json index eebe88ac4bd..01572eed08b 100644 --- a/2023/46xxx/CVE-2023-46674.json +++ b/2023/46xxx/CVE-2023-46674.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46674", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@elastic.co", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Elasticsearch-Hadoop", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.3.0", + "version_value": "7.17.11" + }, + { + "version_affected": "<", + "version_name": "8.0.0", + "version_value": "8.9.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663", + "refsource": "MISC", + "name": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/47xxx/CVE-2023-47856.json b/2023/47xxx/CVE-2023-47856.json new file mode 100644 index 00000000000..cf705736e03 --- /dev/null +++ b/2023/47xxx/CVE-2023-47856.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47856", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/49xxx/CVE-2023-49606.json b/2023/49xxx/CVE-2023-49606.json new file mode 100644 index 00000000000..96bee44b2ab --- /dev/null +++ b/2023/49xxx/CVE-2023-49606.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-49606", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/50xxx/CVE-2023-50239.json b/2023/50xxx/CVE-2023-50239.json new file mode 100644 index 00000000000..2610de44a50 --- /dev/null +++ b/2023/50xxx/CVE-2023-50239.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-50239", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/50xxx/CVE-2023-50240.json b/2023/50xxx/CVE-2023-50240.json new file mode 100644 index 00000000000..6c28e4bec43 --- /dev/null +++ b/2023/50xxx/CVE-2023-50240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-50240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/50xxx/CVE-2023-50243.json b/2023/50xxx/CVE-2023-50243.json new file mode 100644 index 00000000000..877c039f337 --- /dev/null +++ b/2023/50xxx/CVE-2023-50243.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-50243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/50xxx/CVE-2023-50244.json b/2023/50xxx/CVE-2023-50244.json new file mode 100644 index 00000000000..11b9d67ecc3 --- /dev/null +++ b/2023/50xxx/CVE-2023-50244.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-50244", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/6xxx/CVE-2023-6345.json b/2023/6xxx/CVE-2023-6345.json index 2dd647bdb3c..56ec8bb7045 100644 --- a/2023/6xxx/CVE-2023-6345.json +++ b/2023/6xxx/CVE-2023-6345.json @@ -78,6 +78,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6346.json b/2023/6xxx/CVE-2023-6346.json index 4c779d80a32..cab8f134e1b 100644 --- a/2023/6xxx/CVE-2023-6346.json +++ b/2023/6xxx/CVE-2023-6346.json @@ -78,6 +78,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6347.json b/2023/6xxx/CVE-2023-6347.json index 66f9ee98390..97219ff8268 100644 --- a/2023/6xxx/CVE-2023-6347.json +++ b/2023/6xxx/CVE-2023-6347.json @@ -78,6 +78,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6348.json b/2023/6xxx/CVE-2023-6348.json index 2a6eaea0b52..b9be0dd5504 100644 --- a/2023/6xxx/CVE-2023-6348.json +++ b/2023/6xxx/CVE-2023-6348.json @@ -73,6 +73,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6350.json b/2023/6xxx/CVE-2023-6350.json index c0a2e293865..dd52f5a81ba 100644 --- a/2023/6xxx/CVE-2023-6350.json +++ b/2023/6xxx/CVE-2023-6350.json @@ -78,6 +78,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6351.json b/2023/6xxx/CVE-2023-6351.json index 37becaafb0f..fec295d3a64 100644 --- a/2023/6xxx/CVE-2023-6351.json +++ b/2023/6xxx/CVE-2023-6351.json @@ -78,6 +78,11 @@ "url": "https://www.debian.org/security/2023/dsa-5569", "refsource": "MISC", "name": "https://www.debian.org/security/2023/dsa-5569" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR/" } ] } diff --git a/2023/6xxx/CVE-2023-6448.json b/2023/6xxx/CVE-2023-6448.json index 029db8222e9..ff0580cfd8c 100644 --- a/2023/6xxx/CVE-2023-6448.json +++ b/2023/6xxx/CVE-2023-6448.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-6448", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated attacker with network access to a PLC or HMI can take administrative control of the system.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1188 Insecure Default Initialization of Resource", + "cweId": "CWE-1188" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unitronics", + "product": { + "product_data": [ + { + "product_name": "Vision Series PLCs and HMIs", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "all" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/6xxx/CVE-2023-6530.json b/2023/6xxx/CVE-2023-6530.json new file mode 100644 index 00000000000..78333a94a44 --- /dev/null +++ b/2023/6xxx/CVE-2023-6530.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-6530", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file