Auto-Update: 2024-09-13T04:00:17.081703+00:00

2025-07-09 16:05:11 +00:00 · 2024-09-13 04:03:16 +00:00 · 2024-09-13 04:03:16 +00:00 · 0b6bbc6fd1
commit 0b6bbc6fd1
parent 787c657da5
3 changed files with 68 additions and 8 deletions
--- a/CVE-2024/CVE-2024-431xx/CVE-2024-43180.json
+++ b/CVE-2024/CVE-2024-431xx/CVE-2024-43180.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-43180",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-09-13T02:15:01.887",
+  "lastModified": "2024-09-13T02:15:01.887",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-614"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/351213",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7168234",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-09-13T02:00:17.243546+00:00
+2024-09-13T04:00:17.081703+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-09-13T01:15:02.320000+00:00
+2024-09-13T02:15:01.887000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-262716
+262717
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2024-8762](CVE-2024/CVE-2024-87xx/CVE-2024-8762.json) (`2024-09-13T01:15:02.320`)
+- [CVE-2024-43180](CVE-2024/CVE-2024-431xx/CVE-2024-43180.json) (`2024-09-13T02:15:01.887`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2024-31336](CVE-2024/CVE-2024-313xx/CVE-2024-31336.json) (`2024-09-13T01:15:01.980`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -250970,7 +250970,7 @@ CVE-2024-31332,0,0,fe533958eb1f5014a983744e26d4dc56008592fb4b2dc96ebd425a317d9ee
 CVE-2024-31333,0,0,fffa52c47c5b8e1c2bcdc9fe3c080f43dd069e7ef7813f142892cae434fbd8ff,2024-08-19T13:00:23.117000
 CVE-2024-31334,0,0,69828e729ce39e0f18173fda19e01cf9f4d39333d7345a58dacf94a302bbacd6,2024-07-11T15:05:41.960000
 CVE-2024-31335,0,0,3a5c3c43b9344b158e79d76d5bd0e2d36d3e7822b50bec9afc211045c26c9812,2024-08-01T13:50:52.347000
-CVE-2024-31336,0,1,e16f98988b82130b2e32557c399f0ea25778a1838eb9ccce21afc0b2ed5c5a95,2024-09-13T01:15:01.980000
+CVE-2024-31336,0,0,e16f98988b82130b2e32557c399f0ea25778a1838eb9ccce21afc0b2ed5c5a95,2024-09-13T01:15:01.980000
 CVE-2024-31339,0,0,cd4c96aade7176a5aa7427f1e13d7eb03c1e703de2eb92c3c6c97472cece1e5c,2024-07-12T16:11:34.910000
 CVE-2024-3134,0,0,29c3b545a5da0a472480af2af3f9f3acedbe4b841a8f6f121606a369bcd8fa7c,2024-05-17T18:36:05.263000
 CVE-2024-31340,0,0,69d2a170836208f6faad46a647a02e1d14f5dbc15c6da296b85bfb3a229fe567,2024-07-03T01:54:45.633000
@ -258634,6 +258634,7 @@ CVE-2024-43167,0,0,4e0990bddf2f78bd7962e7fefd45b238c4cd5730031930510e72195ad3b2d
 CVE-2024-43168,0,0,dda21c5c2e3bbeaf5d69baa1c2ddcb5d63c7d6cc03584943a831db0d376f97f0,2024-08-12T13:41:36.517000
 CVE-2024-4317,0,0,2ab51635ebb5a78f9093ee7220532c2f98c47bcb30186dfa33cf412783a7fe8e,2024-05-14T16:11:39.510000
 CVE-2024-4318,0,0,7b0a62dc8691f5e6f2210e7e19a78c6d4d5c9f053f662e7593a96cdc8c097afb,2024-05-16T13:03:05.353000
+CVE-2024-43180,1,1,200f4bd3951da6e58848640994148b26107e802b8478772c0fc602c4452f6fcb,2024-09-13T02:15:01.887000
 CVE-2024-4319,0,0,7ca0245a01df3d5ced472265b32f90c6f6a22a37af3715d5589379ecac1f6a24,2024-06-11T13:54:12.057000
 CVE-2024-43199,0,0,94150f8459e19abf18625a946d8a507867275817cd3d9928084030fcb7fa8330,2024-08-12T12:59:48.253000
 CVE-2024-4320,0,0,f21f873c3bfeb896c071276000f6bbe2ae4420d2f2c3184178334c98a666705b,2024-06-07T14:56:05.647000
@ -262714,4 +262715,4 @@ CVE-2024-8749,0,0,6c300bdfd0775f414e5e2003c3bfef67fe867038e6f1a0c3495f0a7e6012e1
 CVE-2024-8750,0,0,418fabeb18e7b297a31252c3e8fef09ccda76bf14212f7478abfd99c5bae6ae6,2024-09-12T12:35:54.013000
 CVE-2024-8751,0,0,66bf4cb3efd3a19b11cc04552e956e3ad68f7c58b21ee98d18c0d4f60816db0f,2024-09-12T22:15:02.680000
 CVE-2024-8754,0,0,dcef29ecbc812aa49fbf1b13b0eb401b8ca812115ed5357160273332851b27b7,2024-09-12T18:14:03.913000
-CVE-2024-8762,1,1,cd0180b0880cf0bebff2c6b1b9d52d51ab239e3d6ee0b5d44daa1480e3a9c097,2024-09-13T01:15:02.320000
+CVE-2024-8762,0,0,cd0180b0880cf0bebff2c6b1b9d52d51ab239e3d6ee0b5d44daa1480e3a9c097,2024-09-13T01:15:02.320000