nvd-json-data-feeds/CVE-2023/CVE-2023-472xx/CVE-2023-47250.json

{
  "id": "CVE-2023-47250",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-11-22T18:15:08.883",
  "lastModified": "2023-11-27T22:15:07.997",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop, including the ability to inject keystrokes and perform a keylogging attack."
    },
    {
      "lang": "es",
      "value": "En mprivacy-tools anterior a 2.0.406g en m-privacy TightGate-Pro Server, el control de acceso roto en los sockets del servidor X11 permite a atacantes autenticados (con acceso a una sesi\u00f3n VNC) acceder a los escritorios X11 de otros usuarios especificando su ID DE PANTALLA. Esto permite un control total de su escritorio, incluida la capacidad de inyectar pulsaciones de teclas y realizar un ataque de registro de teclas."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "http://seclists.org/fulldisclosure/2023/Nov/13",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://sec-consult.com/en/vulnerability-lab/advisories/index.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-m-privacy-tightgate-pro/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.m-privacy.de/en/tightgate-pro-safe-surfing/",
      "source": "cve@mitre.org"
    }
  ]
}
Auto-Update: 2023-11-22T19:00:19.986892+00:00 2023-11-22 19:00:23 +00:00			`{`
			`"id": "CVE-2023-47250",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2023-11-22T18:15:08.883",`
Auto-Update: 2023-11-27T23:00:18.303992+00:00 2023-11-27 23:00:21 +00:00			`"lastModified": "2023-11-27T22:15:07.997",`
Auto-Update: 2023-11-22T21:00:21.994874+00:00 2023-11-22 21:00:25 +00:00			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-11-22T19:00:19.986892+00:00 2023-11-22 19:00:23 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop, including the ability to inject keystrokes and perform a keylogging attack."`
Auto-Update: 2023-11-22T21:00:21.994874+00:00 2023-11-22 21:00:25 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "En mprivacy-tools anterior a 2.0.406g en m-privacy TightGate-Pro Server, el control de acceso roto en los sockets del servidor X11 permite a atacantes autenticados (con acceso a una sesi\u00f3n VNC) acceder a los escritorios X11 de otros usuarios especificando su ID DE PANTALLA. Esto permite un control total de su escritorio, incluida la capacidad de inyectar pulsaciones de teclas y realizar un ataque de registro de teclas."`
Auto-Update: 2023-11-22T19:00:19.986892+00:00 2023-11-22 19:00:23 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
Auto-Update: 2023-11-27T23:00:18.303992+00:00 2023-11-27 23:00:21 +00:00			`{`
			`"url": "http://seclists.org/fulldisclosure/2023/Nov/13",`
			`"source": "cve@mitre.org"`
			`},`
Auto-Update: 2023-11-22T19:00:19.986892+00:00 2023-11-22 19:00:23 +00:00			`{`
			`"url": "https://sec-consult.com/en/vulnerability-lab/advisories/index.html",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-m-privacy-tightgate-pro/",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://www.m-privacy.de/en/tightgate-pro-safe-surfing/",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`