admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-455xx/CVE-2023-45593.json

64 lines
2.6 KiB
JSON
Raw Normal View History

Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
{
"id": "CVE-2023-45593",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:46.213",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"lastModified": "2024-11-21T08:27:01.460",
Auto-Update: 2024-03-05T15:01:09.291630+00:00
2024-03-05 15:01:14 +00:00
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
"descriptions": [
{
"lang": "en",
Auto-Update: 2024-10-17T12:00:22.907012+00:00
2024-10-17 12:03:23 +00:00
"value": "A CWE-184 \u201cIncomplete List of Disallowed Inputs\u201d vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than \u201c http://localhost\u201d ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
},
{
"lang": "es",
"value": "Una vulnerabilidad CWE-693 de \u201cFallo del mecanismo de protecci\u00f3n\u201d en el navegador Chromium integrado (relacionada con el manejo de URL alternativas, distintas de \u201chttp://localhost\u201d http://localhost\u201d) permite a un atacante f\u00edsico leer archivos arbitrarios en el archivo sistema, alterar la configuraci\u00f3n del navegador integrado y tener otros impactos no especificados en la confidencialidad, integridad y disponibilidad del dispositivo. Este problema afecta: Paquete AiLux imx6 inferior a la versi\u00f3n imx6_1.0.7-2."
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "HIGH"
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"type": "Secondary",
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
"description": [
{
"lang": "en",
Auto-Update: 2024-09-30T12:00:17.617936+00:00
2024-09-30 12:03:16 +00:00
"value": "CWE-184"
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45593",
"source": "prodsec@nozominetworks.com"
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
},
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45593",
"source": "af854a3a-2127-422b-91ae-364da2661108"
Auto-Update: 2024-03-05T13:08:44.618458+00:00
2024-03-05 13:08:48 +00:00
}
]
}
Reference in New Issue Copy Permalink