From 062c1fc9997cfced2fc8b2c20cd26765d5e6c4a4 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 8 Dec 2024 09:03:42 +0000 Subject: [PATCH] Auto-Update: 2024-12-08T09:00:19.961458+00:00 --- CVE-2024/CVE-2024-123xx/CVE-2024-12342.json | 137 ++++++++++++++++++++ README.md | 8 +- _state.csv | 3 +- 3 files changed, 143 insertions(+), 5 deletions(-) create mode 100644 CVE-2024/CVE-2024-123xx/CVE-2024-12342.json diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12342.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12342.json new file mode 100644 index 00000000000..e2c6f3ae45c --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12342.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-12342", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-08T07:15:04.950", + "lastModified": "2024-12-08T07:15:04.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", + "baseScore": 6.1, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Zephkek/TP-WANPunch/blob/main/README.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.287261", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.287261", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.tp-link.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 233e3a17a54..3b878a70d0c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-08T07:00:19.263780+00:00 +2024-12-08T09:00:19.961458+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-08T06:15:04.823000+00:00 +2024-12-08T07:15:04.950000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272598 +272599 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-12209](CVE-2024/CVE-2024-122xx/CVE-2024-12209.json) (`2024-12-08T06:15:04.823`) +- [CVE-2024-12342](CVE-2024/CVE-2024-123xx/CVE-2024-12342.json) (`2024-12-08T07:15:04.950`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index e084d573173..ba5aa28f1df 100644 --- a/_state.csv +++ b/_state.csv @@ -244185,7 +244185,7 @@ CVE-2024-12188,0,0,9630a0796baa9ec4e8782d005d486e4f8bf046eb1e553a6bbf9ee9e7d1813 CVE-2024-1219,0,0,629287fb6c9fdb1db5a6b18292530d26bc4ea3297efdbbab51f719885479af95,2024-11-21T08:50:04.430000 CVE-2024-12196,0,0,9fa580adf43e9cbf06e25fc8b96bbf2ae78be5e0921b9598efca40b2ec0f8630,2024-12-04T21:15:21.090000 CVE-2024-1220,0,0,9554836c8027e0b7a98d02c469b0640f37340ff8518df5c7c53c1851829f880c,2024-11-21T08:50:04.733000 -CVE-2024-12209,1,1,e55df453280925a5ada6ceed594c84db1ea741f75d9f89eeca6eeeac114b874a,2024-12-08T06:15:04.823000 +CVE-2024-12209,0,0,e55df453280925a5ada6ceed594c84db1ea741f75d9f89eeca6eeeac114b874a,2024-12-08T06:15:04.823000 CVE-2024-1221,0,0,c833d2d1840e5e81b3c325295532e3c4cac8ba514abb434d638a7c419bdc43e8,2024-11-21T08:50:04.920000 CVE-2024-1222,0,0,ff0f67607974451388d42ae6b90b2e9690717b801a6493a4e7aa508a94c6883e,2024-11-21T08:50:05.110000 CVE-2024-12227,0,0,ba90ebb2cf382c847aea04197c034e5e0e145f9bb34caf2219ef0758e476d6a3,2024-12-05T14:15:19.400000 @@ -244215,6 +244215,7 @@ CVE-2024-1232,0,0,0724dcbb02c95ade7614aaa3e49113b53bf4da94f0e9ec3c91efd2f39f26e0 CVE-2024-12326,0,0,f960296d4c7a80b2aa28fc7f84f75a77ad31211d0d7e9b5df25b051a57e66633,2024-12-06T21:15:05.957000 CVE-2024-1233,0,0,9d758d75169c31056a2dd99a6ff761ac0a3c179827b3dc598c6fb0d83614dada,2024-11-21T08:50:07.317000 CVE-2024-1234,0,0,6b4d1ae0b8159c98fb379447cf95a21f71a7514cfa9af5f48616ab89e3a52cca,2024-11-21T08:50:07.567000 +CVE-2024-12342,1,1,c8f9d4658bb439c06796f6393d38c161608854ed130acdc85baa16bde35bc56c,2024-12-08T07:15:04.950000 CVE-2024-1235,0,0,fd37d01ad20dcc5d0dd22397b78801055d1e00ef080900e252a8af428afe4d67,2024-11-21T08:50:07.683000 CVE-2024-1236,0,0,98cf8c8d0d2027d41420e47ce0e54a62c55b6c82b55779fb1975380b5e094f29,2024-11-21T08:50:07.797000 CVE-2024-1237,0,0,7608b762d209f55f10a23dbde634d086adad1d6240344714ec7de5c458d836b6,2024-11-21T08:50:07.910000