admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-12xx/CVE-2023-1256.json

109 lines
3.5 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2023-1256",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-03-16T19:15:18.227",
Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00
"lastModified": "2023-11-07T04:02:56.390",
"vulnStatus": "Modified",
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00
"source": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
bootstrap
2023-04-24 12:24:31 +02:00
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:aveva_plant_scada:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "AC5A74A3-B5E5-4E0A-A9C9-E0EE74E84000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:aveva_plant_scada:2020r2:update_10:*:*:*:*:*:*",
"matchCriteriaId": "9B6D6F35-C5A4-4C5B-AF6D-E977CEC7456E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:aveva_plant_scada:2023:-:*:*:*:*:*:*",
"matchCriteriaId": "D19168D6-A186-4266-A12C-196CA438CF32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:aveva_plant_scada:2023:update_10:*:*:*:*:*:*",
"matchCriteriaId": "03FE6538-371E-45BE-BD72-4C41F37B0A71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "12AD341A-07AE-4837-A1DC-471FFF0926DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "62A91A30-CB69-4E14-9C32-BF848E740944"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-04",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue Copy Permalink