admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-18T21:00:25.551968+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-18 21:00:29 +00:00
parent 3051043523
commit 109bee3a18
106 changed files with 9321 additions and 458 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
CVE-2022/CVE-2022-49xx/CVE-2022-4959.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4959",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T21:15:09.617",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:20:46.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qkmc-rk:redbbs:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FA7E12-C02B-4209-B181-395F66D654D7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/qkmc-rk/redbbs/issues/2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250237",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250237",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-49xx/CVE-2022-4961.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4961",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-12T05:15:09.263",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:31:59.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fuyanglipengjun:wetong_mall:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13026A6F-61BB-4F0B-8C27-6E0C3622DB52"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/fuyang_lipengjun/platform/issues/I5XC79",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250243",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250243",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-289xx/CVE-2023-28900.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28900",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:13.737",
"lastModified": "2024-01-18T17:15:13.737",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-289xx/CVE-2023-28901.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28901",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:14.003",
"lastModified": "2024-01-18T17:15:14.003",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

103
CVE-2023/CVE-2023-294xx/CVE-2023-29447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29447",
"sourceIdentifier": "ot-cert@dragos.com",
"published": "2024-01-10T21:15:08.790",
"lastModified": "2024-01-11T13:57:35.163",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:53:18.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "ot-cert@dragos.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "ot-cert@dragos.com",
"type": "Secondary",
@ -50,18 +80,81 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ptc:kepware_kepserverex:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.2107.0",
"versionEndIncluding": "6.14.263.0",
"matchCriteriaId": "BE266C92-959F-41CE-A8DA-DC3D336BC169"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ptc:thingworx_kepware_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndIncluding": "6.14.263.0",
"matchCriteriaId": "99455409-195C-418C-A227-E9C67E70C2F3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.5",
"matchCriteriaId": "10F80877-E2FA-4800-B4EB-BC87E35A9441"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03",
"source": "ot-cert@dragos.com"
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/",
"source": "ot-cert@dragos.com"
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ptc.com/en/support/article/cs399528",
"source": "ot-cert@dragos.com"
"source": "ot-cert@dragos.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-300xx/CVE-2023-30014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30014",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T09:15:43.927",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:20:48.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de inyecci\u00f3n SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro sub_event_id en sub_event_stat_update.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:judging_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B03B38-D6B3-4E68-BC8C-1A36E865B087"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product"
]
}
]
}

64
CVE-2023/CVE-2023-300xx/CVE-2023-30015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30015",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T09:15:44.040",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:20:38.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de inyecci\u00f3n SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro txtsearch en review_search.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:judging_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B03B38-D6B3-4E68-BC8C-1A36E865B087"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-3.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product"
]
}
]
}

73
CVE-2023/CVE-2023-310xx/CVE-2023-31024.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31024",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-12T19:15:09.397",
"lastModified": "2024-01-12T19:21:49.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:46:57.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."
},
{
"lang": "es",
"value": "NVIDIA DGX A100 BMC contiene una vulnerabilidad en el daemon KVM del host, donde un atacante no autenticado puede da\u00f1ar la memoria de la pila al enviar un paquete de red especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*",
"versionEndExcluding": "00.22.05",
"matchCriteriaId": "866DDFEC-0CB8-4152-B36E-A358497AA4D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-310xx/CVE-2023-31025.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31025",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-12T19:15:09.627",
"lastModified": "2024-01-12T19:21:49.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:48:14.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure."
},
{
"lang": "es",
"value": "NVIDIA DGX A100 BMC contiene una vulnerabilidad en la que un atacante puede provocar una inyecci\u00f3n de usuario LDAP. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede conducir a la divulgaci\u00f3n de informaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*",
"versionEndExcluding": "00.22.05",
"matchCriteriaId": "866DDFEC-0CB8-4152-B36E-A358497AA4D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-310xx/CVE-2023-31029.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31029",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-12T19:15:09.847",
"lastModified": "2024-01-12T19:21:49.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:50:53.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."
},
{
"lang": "es",
"value": "El controlador de administraci\u00f3n de placa base (BMC) NVIDIA DGX A100 contiene una vulnerabilidad en el daemon KVM del host, donde un atacante no autenticado puede causar un desbordamiento de pila al enviar un paquete de red especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*",
"versionEndExcluding": "00.22.05",
"matchCriteriaId": "866DDFEC-0CB8-4152-B36E-A358497AA4D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-310xx/CVE-2023-31030.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31030",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-12T19:15:10.067",
"lastModified": "2024-01-12T19:21:49.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:53:22.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."
},
{
"lang": "es",
"value": "NVIDIA DGX A100 BMC contiene una vulnerabilidad en el daemon KVM del host, donde un atacante no autenticado puede provocar un desbordamiento de pila al enviar un paquete de red especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*",
"versionEndExcluding": "00.22.05",
"matchCriteriaId": "866DDFEC-0CB8-4152-B36E-A358497AA4D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-310xx/CVE-2023-31036.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31036",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-12T17:15:09.183",
"lastModified": "2024-01-12T18:05:43.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:45:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
},
{
"lang": "es",
"value": "NVIDIA Triton Inference Server para Linux y Windows contiene una vulnerabilidad en la que, cuando se inicia con la opci\u00f3n de l\u00ednea de comando no predeterminada --model-control explicit, un atacante puede usar la API de carga del modelo para provocar un path traversal relativo. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo, denegaci\u00f3n de servicio, escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +80,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.40",
"matchCriteriaId": "51C00F3A-3540-4E24-BA29-5933965EB478"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5509",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-312xx/CVE-2023-31274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31274",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.253",
"lastModified": "2024-01-18T18:15:08.253",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

67
CVE-2023/CVE-2023-340xx/CVE-2023-34061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34061",
"sourceIdentifier": "security@vmware.com",
"published": "2024-01-12T07:15:11.747",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:24:41.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@vmware.com",
"type": "Secondary",
@ -38,10 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal:cloud_foundry_deployment:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.28.0",
"versionEndIncluding": "33.5.0",
"matchCriteriaId": "E860CEF6-3AB5-4ADF-B1A6-4D05A5F5390B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal:cloud_foundry_routing_release:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.163.0",
"versionEndIncluding": "0.283.0",
"matchCriteriaId": "66D0AA37-1922-486B-86C9-59E96F1B6E1E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-343xx/CVE-2023-34348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34348",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.457",
"lastModified": "2024-01-18T18:15:08.457",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

522
CVE-2023/CVE-2023-368xx/CVE-2023-36842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36842",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:45.820",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:15:59.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,498 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "C445622E-8E57-4990-A71A-E1993BFCB91A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75730",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Not Applicable"
]
}
]
}

12
CVE-2023/CVE-2023-376xx/CVE-2023-37644.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37644",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T08:15:35.737",
"lastModified": "2024-01-17T21:39:24.333",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-18T19:27:01.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,8 +21,8 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
@ -30,10 +30,10 @@
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]

68
CVE-2023/CVE-2023-402xx/CVE-2023-40250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40250",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2024-01-12T02:15:44.380",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:24:35.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -50,10 +80,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hancom:hcell:12.0.0.893:*:*:*:*:*:*:*",
"matchCriteriaId": "D0603140-5FD3-4991-8F6A-374C4CD44945"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hancom.com/cs_center/csDownload.do?gnb0=25gnb1=80",
"source": "vuln@krcert.or.kr"
"source": "vuln@krcert.or.kr",
"tags": [
"Product"
]
}
]
}

71
CVE-2023/CVE-2023-464xx/CVE-2023-46474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46474",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T22:15:45.713",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:23:18.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,76 @@
"value": "Vulnerabilidad de carga de archivos PMB v.7.4.8 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y escalar privilegios a trav\u00e9s de un archivo PHP manipulado subido al archivo start_import.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sigb:pmb:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.5.3",
"matchCriteriaId": "E4943AC6-65E7-4405-94E9-57315A7FA378"
}
]
}
]
}
],
"references": [
{
"url": "http://pmb.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/Xn2/CVE-2023-46474",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48254.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48254",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:45.993",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:47:25.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim\u2019s session via a crafted URL or HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto inyectar y ejecutar c\u00f3digo script arbitrario del lado del cliente dentro de la sesi\u00f3n de una v\u00edctima a trav\u00e9s de una URL manipulada o una solicitud HTTP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48255.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48255",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:46.200",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:29:46.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim\u2019s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned log."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado enviar solicitudes de red maliciosas que contienen c\u00f3digo de script arbitrario del lado del cliente y obtener su ejecuci\u00f3n dentro de la sesi\u00f3n de la v\u00edctima a trav\u00e9s de una URL manipulada, una solicitud HTTP o simplemente esperando a que la v\u00edctima vea el registro envenenado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-492xx/CVE-2023-49258.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-49258",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-12T15:15:09.307",
"lastModified": "2024-01-12T15:54:26.600",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:38:29.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "User browser may be forced to execute JavaScript and pass the authentication cookie to the attacker leveraging the XSS vulnerability located at \"/gui/terminal_tool.cgi\" in the \"data\" parameter."
},
{
"lang": "es",
"value": "El navegador del usuario puede verse obligado a ejecutar JavaScript y pasar la cookie de autenticaci\u00f3n al atacante aprovechando la vulnerabilidad XSS ubicada en \"/gui/terminal_tool.cgi\" en el par\u00e1metro \"data\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -23,14 +60,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2310271149",
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-492xx/CVE-2023-49259.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-49259",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-12T15:15:09.380",
"lastModified": "2024-01-12T15:54:26.600",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:33:22.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up-time, and can be guessed in a reasonable time."
},
{
"lang": "es",
"value": "Las cookies de autenticaci\u00f3n se generan utilizando un algoritmo basado en el nombre de usuario, el secreto codificado y el tiempo de actividad, y pueden adivinarse en un tiempo razonable."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -23,14 +60,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2310271149",
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-492xx/CVE-2023-49260.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-49260",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-12T15:15:09.463",
"lastModified": "2024-01-12T15:54:26.600",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:22:01.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An XSS attack can be performed by changing the MOTD banner and pointing the victim to the \"terminal_tool.cgi\" path. It can be used together with the vulnerability CVE-2023-49255."
},
{
"lang": "es",
"value": "Se puede realizar un ataque XSS cambiando el banner MOTD y se\u00f1alando a la v\u00edctima la ruta \"terminal_tool.cgi\". Se puede utilizar junto con la vulnerabilidad CVE-2023-49255."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -23,14 +60,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2310271149",
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-492xx/CVE-2023-49261.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-49261",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-12T15:15:09.530",
"lastModified": "2024-01-12T15:54:26.600",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:21:50.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The \"tokenKey\" value used in user authorization is visible in the HTML source of the login page."
},
{
"lang": "es",
"value": "El valor \"tokenKey\" utilizado en la autorizaci\u00f3n del usuario es visible en el c\u00f3digo fuente HTML de la p\u00e1gina de inicio de sesi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -23,14 +60,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2310271149",
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-498xx/CVE-2023-49862.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49862",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-01-10T16:15:48.997",
"lastModified": "2024-01-10T18:15:47.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:29:20.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_gifimage` parameter."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la funcionalidad de carga de im\u00e1genes aVideoEncoderReceiveImage.json.php de la confirmaci\u00f3n maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la lectura de archivos arbitrarios. Esta vulnerabilidad se activa mediante el par\u00e1metro `downloadURL_gifimage`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wwbn:avideo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1AF6154-CDE7-45F9-9F6F-FDBC2D4E42B1"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-498xx/CVE-2023-49863.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49863",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-01-10T16:15:49.180",
"lastModified": "2024-01-10T18:15:47.483",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:29:12.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_webpimage` parameter."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la funcionalidad de carga de im\u00e1genes aVideoEncoderReceiveImage.json.php de la confirmaci\u00f3n maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la lectura de archivos arbitrarios. Esta vulnerabilidad se activa mediante el par\u00e1metro `downloadURL_webpimage`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wwbn:avideo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1AF6154-CDE7-45F9-9F6F-FDBC2D4E42B1"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1880",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-499xx/CVE-2023-49943.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-49943",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T19:15:09.340",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task's name in a time sheet."
}
],
"metrics": {},
"references": [
{
"url": "https://manageengine.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.manageengine.com/products/service-desk-msp/CVE-2023-49943.html",
"source": "cve@mitre.org"
}
]
}

64
CVE-2023/CVE-2023-501xx/CVE-2023-50127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50127",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T21:15:10.770",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:21:22.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "El sistema de alarma Hozard (Alarmsysteem) v1.0 es vulnerable a una autenticaci\u00f3n incorrecta. Los comandos enviados a trav\u00e9s de la funcionalidad SMS se aceptan desde n\u00fameros de tel\u00e9fono aleatorios, lo que permite a un atacante desarmar el sistema de alarma desde cualquier n\u00famero de tel\u00e9fono determinado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A297A-6C1D-4276-8153-C23EE75FB0BB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-501xx/CVE-2023-50159.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-50159",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.070",
"lastModified": "2024-01-18T17:56:59.883",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-18T19:15:09.400",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed."
"value": "In ScaleFusion (Windows Desktop App) agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode."
},
{
"lang": "es",
@ -68,6 +68,10 @@
}
],
"references": [
{
"url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org",

68
CVE-2023/CVE-2023-510xx/CVE-2023-51067.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-51067",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:08.000",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:58:41.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted link."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) reflejado no autenticada en QStar Archive Solutions Release RELEASE_3-0 Build 7 permite a los atacantes ejecutar javascript arbitrario en el navegador de una v\u00edctima a trav\u00e9s de un enlace manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51067.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-510xx/CVE-2023-51068.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-51068",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:08.053",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:58:47.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted link."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) reflejado autenticada en QStar Archive Solutions Release RELEASE_3-0 Build 7 permite a los atacantes ejecutar javascript arbitrario en el navegador de una v\u00edctima a trav\u00e9s de un enlace manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51068.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-513xx/CVE-2023-51350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51350",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T23:15:08.570",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:31:11.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,82 @@
"value": "Un ataque de suplantaci\u00f3n de identidad en ujcms v.8.0.2 permite a un atacante remoto obtener informaci\u00f3n confidencial y ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script dise\u00f1ado para la funci\u00f3n X-Forwarded-For en el encabezado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ujcms:ujcms:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B2489F-50F7-45FE-BC2E-9AA8E6309ADD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ujcms/ujcms",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/ujcms/ujcms/issues/7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://www.ujcms.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

10
CVE-2023/CVE-2023-517xx/CVE-2023-51748.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-51748",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.123",
"lastModified": "2024-01-18T18:45:55.020",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-18T19:15:09.460",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used."
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode."
},
{
"lang": "es",
@ -68,6 +68,10 @@
}
],
"references": [
{
"url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org",

10
CVE-2023/CVE-2023-517xx/CVE-2023-51749.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-51749",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.167",
"lastModified": "2024-01-18T18:54:46.507",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-18T19:15:09.520",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip."
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip. NOTE: the vendor's position is \"Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules.\""
},
{
"lang": "es",
@ -68,6 +68,10 @@
}
],
"references": [
{
"url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org",

14
CVE-2023/CVE-2023-517xx/CVE-2023-51750.json
View File

@ -2,16 +2,24 @@
"id": "CVE-2023-51750",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.230",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:15:09.587",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur."
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is \"Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules.\""
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque pueden ocurrir descargas de archivos."
}
],
"metrics": {},
"references": [
{
"url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51751.json
View File

@ -2,16 +2,24 @@
"id": "CVE-2023-51751",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.270",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:15:09.637",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used."
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode."
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque se puede usar Alt-F4."
}
],
"metrics": {},
"references": [
{
"url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org"

147
CVE-2023/CVE-2023-517xx/CVE-2023-51780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51780",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T19:15:12.500",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:59:04.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,156 @@
"value": "Se descubri\u00f3 un problema en el kernel de Linux anterior a 6.6.8. do_vcc_ioctl en net/atm/ioctl.c tiene un use after free debido a una condici\u00f3n de ejecuci\u00f3n vcc_recvmsg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "2.6.12",
"versionEndExcluding": "6.6.8",
"matchCriteriaId": "C5C35A7D-82A5-436F-925A-384D92679784"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*",
"matchCriteriaId": "32F2E5CA-13C6-4601-B530-D465CBF73D1C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

147
CVE-2023/CVE-2023-517xx/CVE-2023-51781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51781",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T19:15:12.553",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:58:50.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,156 @@
"value": "Se descubri\u00f3 un problema en el kernel de Linux anterior a 6.6.8. atalk_ioctl en net/appletalk/ddp.c tiene un use after free debido a una condici\u00f3n de ejecuci\u00f3n atalk_recvmsg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "2.6.12",
"versionEndExcluding": "6.6.8",
"matchCriteriaId": "C5C35A7D-82A5-436F-925A-384D92679784"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*",
"matchCriteriaId": "32F2E5CA-13C6-4601-B530-D465CBF73D1C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/torvalds/linux/commit/189ff16722ee36ced4d2a2469d4ab65a8fee4198",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

147
CVE-2023/CVE-2023-517xx/CVE-2023-51782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51782",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T19:15:12.727",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:31:37.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,156 @@
"value": "Se descubri\u00f3 un problema en el kernel de Linux anterior a 6.6.8. rose_ioctl en net/rose/af_rose.c tiene un use after free debido a una condici\u00f3n de ejecuci\u00f3n rose_accept."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "2.6.12",
"versionEndExcluding": "6.6.8",
"matchCriteriaId": "C5C35A7D-82A5-436F-925A-384D92679784"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*",
"matchCriteriaId": "32F2E5CA-13C6-4601-B530-D465CBF73D1C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/torvalds/linux/commit/810c38a369a0a0ce625b5c12169abce1dd9ccd53",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-517xx/CVE-2023-51790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51790",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T13:15:11.733",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:47:57.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,77 @@
"value": "Vulnerabilidad de Cross Site Scripting en piwigo v.14.0.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro lang en el componente del complemento Herramientas de Administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwigo:piwigo:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF997677-CC8C-40D2-BAA6-EF1374DC731F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Piwigo/AdminTools/issues/21",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/Piwigo/Piwigo/issues/2069",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-518xx/CVE-2023-51806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51806",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T13:15:11.807",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:58:15.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,81 @@
"value": "Vulnerabilidad de carga de archivos en Ujcms v.8.0.2 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ujcms:ujcms:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B2489F-50F7-45FE-BC2E-9AA8E6309ADD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ujcms/ujcms",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/ujcms/ujcms/issues/8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.ujcms.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

76
CVE-2023/CVE-2023-520xx/CVE-2023-52026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52026",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T13:15:11.860",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:20:30.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,79 @@
"value": "Se descubri\u00f3 que TOTOlink EX1800T V9.1.0cu.2112_B20220316 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s del par\u00e1metro telnet_enabled de la interfaz setTelnetCfg"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1800t_firmware:9.1.0cu.2112_b20220316:*:*:*:*:*:*:*",
"matchCriteriaId": "0A42AB5D-BBE3-46C5-B60E-0C5D0BE5BD61"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1800t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECDCF8F-01EE-4B54-AE5F-8793D54BB5A2"
}
]
}
]
}
],
"references": [
{
"url": "https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setTelnetCfg/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

101
CVE-2024/CVE-2024-03xx/CVE-2024-0333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0333",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-01-10T22:15:50.907",
"lastModified": "2024-01-13T20:15:45.073",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:39:16.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,110 @@
"value": "La validaci\u00f3n de datos insuficiente en Extensions de Google Chrome anteriores a 120.0.6099.216 permiti\u00f3 a un atacante en una posici\u00f3n privilegiada de la red instalar una extensi\u00f3n maliciosa a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "120.0.6099.216",
"matchCriteriaId": "D1ACDF60-8534-4076-8608-9101A21D917E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1513379",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BXC7FJIAZRY3P72XC4Z4UOW2QDA7YX7/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-04xx/CVE-2024-0408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0408",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-18T16:15:08.380",
"lastModified": "2024-01-18T16:15:08.380",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-04xx/CVE-2024-0409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0409",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-18T16:15:08.593",
"lastModified": "2024-01-18T16:15:08.593",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

65
CVE-2024/CVE-2024-04xx/CVE-2024-0412.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0412",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T17:15:08.843",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:20:05.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsshop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA7CDD3-CA8A-44D7-AA3E-D1FE4D5471E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsshop:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC91B69-2B20-40C6-80EF-00AD1469A5C1"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/Q56cf5nN9RzF",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250432",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250432",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2024/CVE-2024-04xx/CVE-2024-0413.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0413",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T17:15:09.060",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:12:44.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dskms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndIncluding": "3.1.2",
"matchCriteriaId": "F4C436DC-AE04-482A-95AF-9EE5A7BBCF58"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/MarH4fY66BgO",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250433",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250433",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

72
CVE-2024/CVE-2024-04xx/CVE-2024-0414.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0414",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T17:15:09.280",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:11:45.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dscms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndIncluding": "3.1.2",
"matchCriteriaId": "9350B0D7-927E-421D-898C-74816443206B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dscms:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BB0980-AE03-4570-B3AC-FE735DA04F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dscms:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17730E62-FFB9-46C6-A881-0F61D903792E"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/xYQMsARg83ui",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250434",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250434",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0415.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0415",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T18:15:44.223",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:10:13.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsmall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.1.0",
"matchCriteriaId": "838F429A-CC3F-492C-8605-559E8BE2E507"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/63LhFitJmKGR",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250435",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250435",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

60
CVE-2024/CVE-2024-04xx/CVE-2024-0416.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0416",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T18:15:44.460",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:09:52.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsmall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.0.3",
"matchCriteriaId": "B64D60D9-D298-41ED-8245-D76CA1EF5452"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/DxR7FZsCKJQ1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250436",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250436",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0417",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T18:15:44.687",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:07:08.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsshop:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1.5",
"matchCriteriaId": "D9F91FDD-776C-49C4-A867-82348943EE24"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/ZpRTCLblKd7N",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250437",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250437",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

68
CVE-2024/CVE-2024-04xx/CVE-2024-0418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0418",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T18:15:44.913",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:04:01.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,22 +95,58 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:upredsun:file_sharing_wizard:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.0",
"matchCriteriaId": "F3356706-BA28-4ED0-9383-73C77D5A5D4D"
}
]
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2024010023",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250438",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250438",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.youtube.com/watch?v=WK7xK9KHiMU",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-04xx/CVE-2024-0422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0422",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T19:15:13.750",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:24:44.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codeastro:pos_and_inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "912BD54C-7528-49DD-9A65-3328BA873592"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1_CoeXcCC8fXzKJO-Xvjuq1qYtf8QKHaM/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250441",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250441",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

60
CVE-2024/CVE-2024-04xx/CVE-2024-0423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0423",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T20:15:44.243",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:24:20.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codeastro:online_food_ordering_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06BD9CE2-F761-453D-B13F-6234AA0545A5"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1SaHrOPMV6yrBaS5pA7MOX8nsiVGxvlOa/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250442",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250442",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2024/CVE-2024-04xx/CVE-2024-0424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0424",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T20:15:44.473",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:23:57.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +105,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codeastro:simple_banking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82D034EC-9EA5-4594-8961-92AD4757D883"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1jr5YRrESDjcNmhpQRK5yHvvxNlYJp2oK/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250443",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250443",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

58
CVE-2024/CVE-2024-04xx/CVE-2024-0426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0426",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T21:15:12.453",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:27:23.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foru_cms_project:foru_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2020-06-23",
"matchCriteriaId": "EAC3894B-590E-44A9-A01C-A330C98EC000"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mi2acle/forucmsvuln/blob/master/sqli.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250445",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250445",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

139
CVE-2024/CVE-2024-04xx/CVE-2024-0443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0443",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-12T00:15:45.230",
"lastModified": "2024-01-14T15:15:46.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:16:39.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,22 +80,119 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.4",
"matchCriteriaId": "0F35D0CC-0461-4526-BC9C-091805061E47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "76061B41-CAE9-4467-BEDE-0FFC7956F2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A717BA5B-D535-46A0-A329-A25FE5CEC588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*",
"matchCriteriaId": "89CC80C6-F1EE-4AC7-BD21-DB3217BADE87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*",
"matchCriteriaId": "41EACEA1-FB69-4AF2-BC52-D39489858D42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*",
"matchCriteriaId": "9E1C36BE-F9D8-40B6-8281-5B8F9B42322D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0443",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257968",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/linux-block/20221215033132.230023-3-longman@redhat.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0460.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0460",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-12T16:15:52.577",
"lastModified": "2024-01-12T17:06:09.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:37:41.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Faculty Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/pages/student-print.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250565 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en los code-projects Faculty Management System 1.0 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo /admin/pages/student-print.php. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250565."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BxYQ/vul/blob/main/2Faculty%20Management%20System-SQL.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250565",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250565",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0492.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0492",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T15:15:08.770",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:52:29.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Kashipara Billing Software 1.0. Affected by this vulnerability is an unknown functionality of the file buyer_detail_submit.php of the component HTTP POST Request Handler. The manipulation of the argument gstn_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250597 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Kashipara Billing Software 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo buyer_detail_submit.php del componente HTTP POST Request Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento gstn_no conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250597."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kashipara:billing_software:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0706A5-5DE8-42DF-8980-9DBCF02A2A03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20sql.docx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250597",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250597",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0493.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0493",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T16:15:44.207",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:52:17.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Affected by this issue is some unknown functionality of the file submit_delivery_list.php of the component HTTP POST Request Handler. The manipulation of the argument customer_details leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250598 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Kashipara Billing Software 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo submit_delivery_list.php del componente HTTP POST Request Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento customer_details conduce a la inyecci\u00f3n SQL. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-250598 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kashipara:billing_software:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0706A5-5DE8-42DF-8980-9DBCF02A2A03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(5).docx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250598",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250598",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0494.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0494",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T16:15:44.543",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:32:53.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file material_bill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250599."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Kashipara Billing Software 1.0 y clasificada como cr\u00edtica. Una parte desconocida del archivo material_bill.php del componente HTTP POST Request Handler afecta a una parte desconocida. La manipulaci\u00f3n del argumento itemtypeid conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250599."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kashipara:billing_software:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0706A5-5DE8-42DF-8980-9DBCF02A2A03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(3).docx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250599",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250599",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0495.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0495",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T17:15:07.813",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:32:42.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file party_submit.php of the component HTTP POST Request Handler. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250600."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Kashipara Billing Software 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo party_submit.php del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento party_name conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250600."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kashipara:billing_software:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0706A5-5DE8-42DF-8980-9DBCF02A2A03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(2).docx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250600",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250600",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-04xx/CVE-2024-0496.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0496",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T17:15:08.120",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:28:17.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file item_list_edit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250601 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Kashipara Billing Software 1.0 y clasificada como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo item_list_edit.php del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250601."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kashipara:billing_software:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0706A5-5DE8-42DF-8980-9DBCF02A2A03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(1).docx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250601",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250601",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-04xx/CVE-2024-0498.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0498",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T18:15:44.150",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:28:00.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250603."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Project Worlds Lawyer Management System 1.0. Ha sido declarada cr\u00edtica. Una funci\u00f3n desconocida del archivo searchLawyer.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento experience conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250603."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yugeshverma:online_lawyer_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D50A11E-4B14-4439-8347-1D18A36D2406"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/laoquanshi/heishou/blob/main/lawyermanagementsystem.doc",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250603",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250603",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-04xx/CVE-2024-0499.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0499",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T19:15:08.273",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:27:40.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester House Rental Management System 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250607."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en SourceCodester House Rental Management System 1.0 y clasificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido del archivo index.php. La manipulaci\u00f3n del argumento page conduce a cross site scripting. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250607."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:house_rental_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A111B1DB-C7DB-4CB9-847E-5BB67A86FD64"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1DTGd_IWdS_tMOQN0Pt1-MeZ4Yv3tXiRt/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250607",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250607",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-05xx/CVE-2024-0500.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0500",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T19:15:08.580",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:27:18.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in SourceCodester House Rental Management System 1.0. Affected is an unknown function of the component Manage Tenant Details. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250608."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en SourceCodester House Rental Management System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente Manage Tenant Details es afectada por esta funci\u00f3n. La manipulaci\u00f3n del argumento Name conduce a cross site scripting. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250608."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:house_rental_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A111B1DB-C7DB-4CB9-847E-5BB67A86FD64"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1z30nTAfoX58NqwIMXyHb3LB6Pv2bEm5v/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250608",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250608",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-05xx/CVE-2024-0501.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0501",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T20:15:45.137",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:26:56.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Manage Invoice Details. The manipulation of the argument Invoice leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250609 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en SourceCodester House Rental Management System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente Manage Invoice Details es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento Invoice conduce a cross site scripting. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250609."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:house_rental_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A111B1DB-C7DB-4CB9-847E-5BB67A86FD64"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1xEenTDcXwNYdOxY8kdQ142nRnbcHrTRv/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250609",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250609",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-05xx/CVE-2024-0502.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0502",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-13T20:15:45.390",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:53:03.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester House Rental Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file manage_user.php of the component Edit User. The manipulation of the argument id/name/username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250610 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en SourceCodester House Rental Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo Manage_user.php del componente Edit User es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento id/name/username conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-250610 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:house_rental_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A111B1DB-C7DB-4CB9-847E-5BB67A86FD64"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1DGb371-evTgstf42t3u2dOM4KBEt5mPw/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250610",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250610",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-06xx/CVE-2024-0607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0607",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-18T16:15:08.690",
"lastModified": "2024-01-18T16:15:08.690",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

40
CVE-2024/CVE-2024-206xx/CVE-2024-20675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20675",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-11T21:15:13.073",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:14:08.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "120.0.2210.133",
"matchCriteriaId": "68CC1657-459B-4112-820C-6725AA0F9DD7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20675",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-213xx/CVE-2024-21337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21337",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-11T22:15:46.500",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:13:58.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "120.0.2210.133",
"matchCriteriaId": "68CC1657-459B-4112-820C-6725AA0F9DD7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21337",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

512
CVE-2024/CVE-2024-215xx/CVE-2024-21591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21591",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:46.697",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:14:24.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,488 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "C445622E-8E57-4990-A71A-E1993BFCB91A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3s1:*:*:*:*:*:*",
"matchCriteriaId": "0B5A3193-CAB9-4BA8-AF4E-806F803996E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75729",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
}
]
}

427
CVE-2024/CVE-2024-215xx/CVE-2024-21594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21594",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:46.880",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:14:10.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,403 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75733",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
}
]
}

248
CVE-2024/CVE-2024-215xx/CVE-2024-21595.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21595",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:47.063",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:37:57.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,224 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:23.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "0038F142-6F5E-476D-A1EC-E977FD30F155"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2521C83-E8F2-4621-9727-75BB3FC11E64"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5100-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD0F680-ED30-48F3-A5D9-988D510CFC0D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D790AD-D00F-4FED-96FE-3046C827356B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD9AD5C-947D-41EF-9969-FCCEB144984F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B86047DE-A0A0-4698-9414-B66C0FA7B544"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D6C74F-E85F-4D62-BDAF-FE619B467C76"
}
]
}
]
}
],
"references": [
{
"url": "https://advisory.juniper.net/JSA75734",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

654
CVE-2024/CVE-2024-216xx/CVE-2024-21606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21606",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:48.873",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:39:18.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,630 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE06B18-BFB5-4029-A05D-386CFBFBF683"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A1DCCD-208C-46D9-8E14-89592B49AB9A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826F893F-7B06-43B5-8653-A8D9794C052E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462CFD52-D3E2-4F7A-98AC-C589D2420556"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75747",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

614
CVE-2024/CVE-2024-216xx/CVE-2024-21607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21607",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.057",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:41:11.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,590 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D08A8D94-134A-41E7-8396-70D8B0735E9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84F7BB7E-3A52-4C23-A4D2-50E75C912AFC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7FB0CC-624D-4AB9-A7AC-BB19838C3B22"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75748",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

266
CVE-2024/CVE-2024-216xx/CVE-2024-21611.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21611",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.263",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:30:07.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,242 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75752",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

356
CVE-2024/CVE-2024-216xx/CVE-2024-21617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21617",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:50.230",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:28:48.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,332 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75758",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-216xx/CVE-2024-21641.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-21641",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-05T21:15:43.337",
"lastModified": "2024-01-05T22:12:18.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:42:19.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum `/logout` route includes a redirect parameter that allows any third party to redirect users from a (trusted) domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be confirmed. Guests are immediately redirected. This could be used by spammers to redirect to a web address using a trusted domain of a running Flarum installation. The vulnerability has been fixed and published as flarum/core v1.8.5. As a workaround, some extensions modifying the logout route can remedy this issue if their implementation is safe."
},
{
"lang": "es",
"value": "Flarum es un software de plataforma de discusi\u00f3n de c\u00f3digo abierto. Antes de la versi\u00f3n 1.8.5, la ruta `/logout` de Flarum incluye un par\u00e1metro de redirecci\u00f3n que permite a cualquier tercero redirigir a los usuarios desde un dominio (confiable) de la instalaci\u00f3n de Flarum para redirigir a cualquier enlace. Para los usuarios que han iniciado sesi\u00f3n, se debe confirmar el cierre de sesi\u00f3n. Los invitados son redirigidos inmediatamente. Los spammers podr\u00edan utilizar esto para redirigir a una direcci\u00f3n web utilizando un dominio confiable de una instalaci\u00f3n de Flarum en ejecuci\u00f3n. La vulnerabilidad ha sido reparada y publicada como flarum/core v1.8.5. Como workaround, algunas extensiones que modifican la ruta de cierre de sesi\u00f3n pueden solucionar este problema si su implementaci\u00f3n es segura."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flarum:flarum:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.5",
"matchCriteriaId": "D5C4E508-EB5A-43B9-B11C-81977B5BA70D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/flarum/flarum-core/commit/ee8b3b4ad1413a2b0971fdd9e40f812d2a3a9d3a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/flarum/framework/commit/7d70328471cf3091d92d95c382d277aec7996176",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/flarum/framework/security/advisories/GHSA-733r-8xcp-w9mr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-216xx/CVE-2024-21642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21642",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-05T22:15:43.190",
"lastModified": "2024-01-08T12:02:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:15:52.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:man:d-tale:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.9.0",
"matchCriteriaId": "D6B55BC0-CB00-4380-9679-A7E86C8D7B12"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/man-group/dtale/commit/954f6be1a06ff8629ead2c85c6e3f8e2196b3df2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/man-group/dtale/security/advisories/GHSA-7hfx-h3j3-rwq4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/man-group/dtale?tab=readme-ov-file#load-data--sample-datasets",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
}
]
}

90
CVE-2024/CVE-2024-219xx/CVE-2024-21982.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21982",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2024-01-12T00:15:45.450",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:16:20.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-alert@netapp.com",
"type": "Secondary",
@ -38,10 +58,74 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.4",
"versionEndExcluding": "9.8",
"matchCriteriaId": "A1AAAB2B-2589-4946-BBDD-A873D19326F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.8:-:*:*:*:*:*:*",
"matchCriteriaId": "2ABBF729-6A69-4CEC-9B3E-735C45D3069E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "2A6A96D7-45B2-46BE-8894-6DC3F565A8A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.10.1:-:*:*:*:*:*:*",
"matchCriteriaId": "21C64ED1-485F-4CCF-8114-70B2987B6674"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.11.1:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA41D1E-1184-448E-A5E4-7F8FDAACC638"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7E7FAAAB-2BE5-4173-8CC6-669A9D29D446"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.13.1:-:*:*:*:*:*:*",
"matchCriteriaId": "3D704DC8-A679-4293-81CE-70F4FEE89530"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240111-0001/",
"source": "security-alert@netapp.com"
"source": "security-alert@netapp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-220xx/CVE-2024-22027.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22027",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-12T07:15:12.243",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:02:46.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta en WordPress Quiz Maker Plugin anterior a 6.5.0.6 permite a un atacante remoto autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) contra servicios externos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ays-pro:quiz_maker:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.5.0.6",
"matchCriteriaId": "D10A3F01-F9B4-4A5F-ABB4-3972679C093D"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN37326856/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wordpress.org/plugins/quiz-maker/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

118
CVE-2024/CVE-2024-221xx/CVE-2024-22196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22196",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-11T20:15:44.923",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:22:21.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,104 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "B4426F94-540E-497C-AE75-04126AF12112"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3C287A7F-66B4-406A-B87B-B954A1CA6D44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "25DD91AC-465B-4A43-A79F-4DE47243741C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "115588C7-D947-4576-9E6C-B5AF1FCE9A29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "BBB20EA3-F3CF-42AF-A217-D5DF7A7ADD70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4_patch:*:*:*:*:*:*",
"matchCriteriaId": "81A6C732-FBF2-44A8-B810-456E54B59A09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8C5664E5-150E-4B4B-BA0C-420738820FF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5_patch:*:*:*:*:*:*",
"matchCriteriaId": "7E764AA1-3060-441F-8F14-ADD165316741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "04A3E84F-91AA-420A-B908-3393E037AC44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch:*:*:*:*:*:*",
"matchCriteriaId": "828EAE87-24E5-4F31-B301-BA2F96BDEA42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch2:*:*:*:*:*:*",
"matchCriteriaId": "45710D36-954A-4450-B622-CB0F368DF544"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "2B57EEFB-5518-4BD5-998A-34B6690A6F4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "8EDF4CEE-F24D-441B-92A8-7F5A2B41487E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8_patch:*:*:*:*:*:*",
"matchCriteriaId": "F0275FDF-BAE8-4909-8991-6FCE34B8905E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

118
CVE-2024/CVE-2024-221xx/CVE-2024-22197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22197",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-11T18:15:45.140",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:59:28.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,104 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "B4426F94-540E-497C-AE75-04126AF12112"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3C287A7F-66B4-406A-B87B-B954A1CA6D44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "25DD91AC-465B-4A43-A79F-4DE47243741C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "115588C7-D947-4576-9E6C-B5AF1FCE9A29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "BBB20EA3-F3CF-42AF-A217-D5DF7A7ADD70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4_patch:*:*:*:*:*:*",
"matchCriteriaId": "81A6C732-FBF2-44A8-B810-456E54B59A09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8C5664E5-150E-4B4B-BA0C-420738820FF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5_patch:*:*:*:*:*:*",
"matchCriteriaId": "7E764AA1-3060-441F-8F14-ADD165316741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "04A3E84F-91AA-420A-B908-3393E037AC44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch:*:*:*:*:*:*",
"matchCriteriaId": "828EAE87-24E5-4F31-B301-BA2F96BDEA42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch2:*:*:*:*:*:*",
"matchCriteriaId": "45710D36-954A-4450-B622-CB0F368DF544"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "2B57EEFB-5518-4BD5-998A-34B6690A6F4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "8EDF4CEE-F24D-441B-92A8-7F5A2B41487E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8_patch:*:*:*:*:*:*",
"matchCriteriaId": "F0275FDF-BAE8-4909-8991-6FCE34B8905E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

143
CVE-2024/CVE-2024-221xx/CVE-2024-22198.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22198",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-11T20:15:45.120",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T19:14:25.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,34 +70,139 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "B4426F94-540E-497C-AE75-04126AF12112"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3C287A7F-66B4-406A-B87B-B954A1CA6D44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "25DD91AC-465B-4A43-A79F-4DE47243741C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "115588C7-D947-4576-9E6C-B5AF1FCE9A29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "BBB20EA3-F3CF-42AF-A217-D5DF7A7ADD70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4_patch:*:*:*:*:*:*",
"matchCriteriaId": "81A6C732-FBF2-44A8-B810-456E54B59A09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8C5664E5-150E-4B4B-BA0C-420738820FF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5_patch:*:*:*:*:*:*",
"matchCriteriaId": "7E764AA1-3060-441F-8F14-ADD165316741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "04A3E84F-91AA-420A-B908-3393E037AC44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch:*:*:*:*:*:*",
"matchCriteriaId": "828EAE87-24E5-4F31-B301-BA2F96BDEA42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch2:*:*:*:*:*:*",
"matchCriteriaId": "45710D36-954A-4450-B622-CB0F368DF544"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "2B57EEFB-5518-4BD5-998A-34B6690A6F4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "8EDF4CEE-F24D-441B-92A8-7F5A2B41487E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8_patch:*:*:*:*:*:*",
"matchCriteriaId": "F0275FDF-BAE8-4909-8991-6FCE34B8905E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-222xx/CVE-2024-22212.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-22212",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T19:15:10.353",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector is upgraded to version 1.4.1, 2.1.2, 2.3.4 or 2.4.5. There are no known workarounds for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/globalsiteselector/commit/ab5da57190d5bbc79079ce4109b6bcccccd893ee",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vj5q-f63m-wp77",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/2248689",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2024/CVE-2024-222xx/CVE-2024-22213.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-22213",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T20:15:08.113",
"lastModified": "2024-01-18T20:15:08.113",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users could be tricked into executing malicious code that would execute in their browser via HTML sent as a comment. It is recommended that the Nextcloud Deck is upgraded to version 1.9.5 or 1.11.2. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 0.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/deck/commit/91f1557362047f8840f53151f176b80148650bcd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mg7w-x9fm-9wwc",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/2058556",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2024/CVE-2024-224xx/CVE-2024-22400.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-22400",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T20:15:08.360",
"lastModified": "2024-01-18T20:15:08.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on a uncontrolled thirdparty server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-622q-xhfr-xmv7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/user_saml/commit/b184304a476deeba36e92b70562d5de7c2f85f8a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/user_saml/pull/788",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/2263044",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2024/CVE-2024-224xx/CVE-2024-22403.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-22403",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T20:15:08.610",
"lastModified": "2024-01-18T20:15:08.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.0,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/server/pull/40766",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/1784162",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2024/CVE-2024-224xx/CVE-2024-22419.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-22419",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T19:15:10.550",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in commit `55e18f6d1` which will be included in future releases. Users are advised to update when possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/commit/55e18f6d128b2da8986adbbcccf1cd59a4b9ad6f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vyperlang/vyper/issues/3737",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-2q8v-3gqq-4f8p",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2024/CVE-2024-224xx/CVE-2024-22494.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-22494",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T16:15:52.890",
"lastModified": "2024-01-12T17:06:09.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:39:35.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save mobile parameter, which allows remote attackers to inject arbitrary web script or HTML."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de XSS almacenado en JFinalcms 5.0.0 a trav\u00e9s del par\u00e1metro /gusetbook/save mobile, que permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jfinalcms_project:jfinalcms:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0813B8F4-66B1-42C6-83A7-831B13233428"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20moblie%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20moblie%20para.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-226xx/CVE-2024-22601.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22601",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.417",
"lastModified": "2024-01-18T17:15:14.417",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-226xx/CVE-2024-22603.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22603",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.480",
"lastModified": "2024-01-18T17:15:14.480",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-226xx/CVE-2024-22699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22699",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T16:15:09.020",
"lastModified": "2024-01-18T16:15:09.020",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-228xx/CVE-2024-22817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22817",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.530",
"lastModified": "2024-01-18T17:15:14.530",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-228xx/CVE-2024-22818.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22818",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.577",
"lastModified": "2024-01-18T17:15:14.577",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-228xx/CVE-2024-22819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22819",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.623",
"lastModified": "2024-01-18T17:15:14.623",
"vulnStatus": "Received",
"lastModified": "2024-01-18T19:25:46.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

84
CVE-2024/CVE-2024-231xx/CVE-2024-23171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23171",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T05:15:10.033",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:23:45.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,89 @@
"value": "Se descubri\u00f3 un problema en la extensi\u00f3n CampaignEvents en MediaWiki antes de 1.35.14, 1.36.x hasta 1.39.x antes de 1.39.6 y 1.40.x antes de 1.40.2. La p\u00e1gina Special:EventDetails permite XSS a trav\u00e9s de la configuraci\u00f3n de idioma x-xss para la internacionalizaci\u00f3n (i18n)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.35.14",
"matchCriteriaId": "518A7A3D-741F-405B-8220-982093DF53E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.36.0",
"versionEndExcluding": "1.39.6",
"matchCriteriaId": "9FCCA5D1-C639-4407-917F-95A949E639A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.40.0",
"versionEndExcluding": "1.40.2",
"matchCriteriaId": "3EF19DE5-1D79-4001-ABA1-D648AD6610D6"
}
]
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/q/I70d71c409193e904684dfb706d424b0a815fa6f6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://phabricator.wikimedia.org/T348343",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-231xx/CVE-2024-23172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23172",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T05:15:10.187",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T20:23:36.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,90 @@
"value": "Se descubri\u00f3 un problema en la extensi\u00f3n CheckUser en MediaWiki antes de 1.35.14, 1.36.x hasta 1.39.x antes de 1.39.6 y 1.40.x antes de 1.40.2. XSS puede ocurrir a trav\u00e9s de definiciones de mensajes. por ejemplo, en SpecialCheckUserLog."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.35.14",
"matchCriteriaId": "518A7A3D-741F-405B-8220-982093DF53E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.36.0",
"versionEndExcluding": "1.39.6",
"matchCriteriaId": "9FCCA5D1-C639-4407-917F-95A949E639A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.40.0",
"versionEndExcluding": "1.40.2",
"matchCriteriaId": "3EF19DE5-1D79-4001-ABA1-D648AD6610D6"
}
]
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CheckUser/+/989179",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://phabricator.wikimedia.org/T347708",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More