admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/1xxx/CVE-2023-1751.json
CVE Team 7e2816aee0
"-Synchronized-Data."
2023-04-04 17:00:34 +00:00

114 lines
4.1 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-1751",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The listed versions of Nexx Smart Home devices use a WebSocket server that does not validate if the bearer token in the Authorization header belongs to the device attempting to associate. This could allow any authorized user to receive alarm information and signals meant for other devices which leak a deviceId."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Nexx",
"product": {
"product_data": [
{
"product_name": "Smart Alarm NXAL-100",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "nxal100v-p1-9-1"
}
]
}
},
{
"product_name": "Smart Plug NXPG-100W",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "nxpg100cv4-0-0"
}
]
}
},
{
"product_name": "Garage Door Controller NXG-100B, NXG-200",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "nxg200v-p3-4-1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01"
}
]
},
"generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1751"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink