admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-245xx/CVE-2023-24514.json

106 lines
2.8 KiB
JSON
Raw Normal View History

Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
{
"id": "CVE-2023-24514",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-22T19:16:34.393",
Auto-Update: 2023-08-26T04:00:36.424218+00:00
2023-08-26 04:00:39 +00:00
"lastModified": "2023-08-26T02:26:23.970",
"vulnStatus": "Analyzed",
Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms."
}
],
"metrics": {
"cvssMetricV31": [
Auto-Update: 2023-08-26T04:00:36.424218+00:00
2023-08-26 04:00:39 +00:00
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 4.2
}
]
},
"weaknesses": [
Auto-Update: 2023-08-26T04:00:36.424218+00:00
2023-08-26 04:00:39 +00:00
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
Auto-Update: 2023-08-26T04:00:36.424218+00:00
2023-08-26 04:00:39 +00:00
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "767",
"matchCriteriaId": "E3F21FDE-5E11-4117-9E57-DD3E5C7B3DE3"
}
]
}
]
}
],
Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
Auto-Update: 2023-08-26T04:00:36.424218+00:00
2023-08-26 04:00:39 +00:00
"source": "cve-coordination@incibe.es",
"tags": [
"Vendor Advisory"
]
Auto-Update: 2023-08-22T20:00:38.701005+00:00
2023-08-22 20:00:42 +00:00
}
]
}
Reference in New Issue Copy Permalink