admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/51xxx/CVE-2023-51380.json
CVE Team a31b8196ba
"-Synchronized-Data."
2023-12-21 21:00:36 +00:00

178 lines
8.4 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-51380",
"ASSIGNER": "product-cna@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitHub",
"product": {
"product_data": [
{
"product_name": "Enterprise Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "3.7.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.7.18",
"status": "affected",
"version": "3.7.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.8.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.8.11",
"status": "affected",
"version": "3.8.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.9.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.9.6",
"status": "affected",
"version": "3.9.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.10.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.10.3",
"status": "affected",
"version": "3.10.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.11.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.11.0",
"status": "affected",
"version": "3.11",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Douglas Day"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink