From 1130de1b1bb617e318b69066e46d02d3ad65ca93 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 26 Aug 2024 04:03:12 +0000 Subject: [PATCH] Auto-Update: 2024-08-26T04:00:16.623490+00:00 --- CVE-2024/CVE-2024-429xx/CVE-2024-42992.json | 32 ++++-------- CVE-2024/CVE-2024-80xx/CVE-2024-8073.json | 56 +++++++++++++++++++++ README.md | 22 +++----- _state.csv | 19 +++---- 4 files changed, 84 insertions(+), 45 deletions(-) create mode 100644 CVE-2024/CVE-2024-80xx/CVE-2024-8073.json diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42992.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42992.json index 907141fc1bd..011341cde74 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42992.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42992.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42992", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-23T18:15:07.427", - "lastModified": "2024-08-23T19:35:17.200", + "lastModified": "2024-08-26T03:35:00.920", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -18,35 +18,23 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N", + "attackVector": "LOCAL", "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", + "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "baseScore": 0.0, + "baseSeverity": "NONE" }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "exploitabilityScore": 1.3, + "impactScore": 0.0 } ] }, - "weaknesses": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], "references": [ { "url": "https://github.com/juwenyi/CVE-2024-42992", diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8073.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8073.json new file mode 100644 index 00000000000..d1fb8840b04 --- /dev/null +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8073.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8073", + "sourceIdentifier": "sec@hillstonenet.com", + "published": "2024-08-26T03:15:03.607", + "lastModified": "2024-08-26T03:15:03.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from\u00a05.5R6-2.6.7 through 5.5R6-2.8.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sec@hillstonenet.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "sec@hillstonenet.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/", + "source": "sec@hillstonenet.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 1960e1666e2..4f65f70cce4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-25T23:55:16.758861+00:00 +2024-08-26T04:00:16.623490+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-25T23:15:04.123000+00:00 +2024-08-26T03:35:00.920000+00:00 ``` ### Last Data Feed Release @@ -27,33 +27,27 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-08-25T00:00:08.645328+00:00 +2024-08-26T00:00:08.716970+00:00 ``` ### Total Number of included CVEs ```plain -261123 +261124 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `1` -- [CVE-2024-45258](CVE-2024/CVE-2024-452xx/CVE-2024-45258.json) (`2024-08-25T22:15:05.233`) -- [CVE-2024-8150](CVE-2024/CVE-2024-81xx/CVE-2024-8150.json) (`2024-08-25T22:15:05.310`) -- [CVE-2024-8151](CVE-2024/CVE-2024-81xx/CVE-2024-8151.json) (`2024-08-25T22:15:05.647`) -- [CVE-2024-8152](CVE-2024/CVE-2024-81xx/CVE-2024-8152.json) (`2024-08-25T23:15:03.380`) -- [CVE-2024-8153](CVE-2024/CVE-2024-81xx/CVE-2024-8153.json) (`2024-08-25T23:15:03.633`) -- [CVE-2024-8154](CVE-2024/CVE-2024-81xx/CVE-2024-8154.json) (`2024-08-25T23:15:03.873`) -- [CVE-2024-8155](CVE-2024/CVE-2024-81xx/CVE-2024-8155.json) (`2024-08-25T23:15:04.123`) -- [CVE-2024-8158](CVE-2024/CVE-2024-81xx/CVE-2024-8158.json) (`2024-08-25T22:15:05.903`) +- [CVE-2024-8073](CVE-2024/CVE-2024-80xx/CVE-2024-8073.json) (`2024-08-26T03:15:03.607`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-42992](CVE-2024/CVE-2024-429xx/CVE-2024-42992.json) (`2024-08-26T03:35:00.920`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 69636db7bde..a08eb242c73 100644 --- a/_state.csv +++ b/_state.csv @@ -258016,7 +258016,7 @@ CVE-2024-42985,0,0,fd3e2b3b518908e52ebda25c2cfe8cc913346bb2192127a6006d7d26017d6 CVE-2024-42986,0,0,0b2d204ff26f9eb28ce17ac6820e07d93d61424a006dadbf321ab643bf7229ed,2024-08-19T21:35:07.937000 CVE-2024-42987,0,0,be14eefacd9f282e13e394cb1aeefe62ea3c84389f7783546c46d3192df9881f,2024-08-16T13:26:27.123000 CVE-2024-4299,0,0,2eb1fe754d25d4fca4f14435247c4dce7f2aa132c3677595429d39db730cdde4,2024-07-03T21:15:04.313000 -CVE-2024-42992,0,0,c4392e7dde315ec004f62408eaed3a3841499f2b587560cffafead4359cb7a1e,2024-08-23T19:35:17.200000 +CVE-2024-42992,0,1,8a863468de3dad3c6493d9d4c020f4a2a7cdc5bc120ee9106c6007a1675d9c92,2024-08-26T03:35:00.920000 CVE-2024-42994,0,0,46088bee324f9fb8a88606d17f14c9f666ebd59ae6a0d59deea5611547b28ba5,2024-08-19T13:00:23.117000 CVE-2024-42995,0,0,5fe3b52ce312f2adad41265b1d44f25534179e7b5138e6f382ca4cb8e97a4739,2024-08-19T13:00:23.117000 CVE-2024-4300,0,0,9683d559686bc261042c0ad86aeb3d06ca0ebb649bc8d0eaba9f4d32c108bd00,2024-04-29T12:42:03.667000 @@ -258513,7 +258513,7 @@ CVE-2024-4524,0,0,8e732eea1a281702bf1b965cf73e8243f70f2376e5e0521757bce661838200 CVE-2024-45240,0,0,fccbd301154823cd83da805270cd48452cd27b133537c22483ab00d65d1ebe85,2024-08-24T23:15:04.407000 CVE-2024-45244,0,0,6e075e943c98352c2e762d260bf382b0036cbff6ae4e654def3cf374015dfff5,2024-08-25T02:15:03.383000 CVE-2024-4525,0,0,dfe2a87106534aea559d2a64c000518f6d0b8952ad5d7b752f8fc10ec2414d43,2024-06-04T19:20:41.620000 -CVE-2024-45258,1,1,f477567a010a29e06a64d570d29212ea3e6c85c5d662ad9504b5c9c2458e06b1,2024-08-25T22:15:05.233000 +CVE-2024-45258,0,0,f477567a010a29e06a64d570d29212ea3e6c85c5d662ad9504b5c9c2458e06b1,2024-08-25T22:15:05.233000 CVE-2024-4526,0,0,87a45e4eb41404ceb4b9ba3ca9513f18cac2687a381a0d6211a80485bbac625a,2024-06-04T19:20:41.720000 CVE-2024-4527,0,0,c7ad79186f39af6c4287cf90f197f2ec298291b738fc5af7e4ddede8b4e9adfb,2024-06-04T19:20:41.810000 CVE-2024-4528,0,0,7b720d00d965c73e07e6aefd4c36ac932b079840a05c5efc530ca8c4800fb595,2024-06-04T19:20:41.917000 @@ -261079,6 +261079,7 @@ CVE-2024-8035,0,0,e11fe8c378f080395f404658baee2e1c5cd70ef826bdf0b13fe46f85c653ad CVE-2024-8041,0,0,530afb8d20f30d401c1d7f8908c798a45edf30b2f924035dda7c4300ee7ef6f4,2024-08-23T16:18:28.547000 CVE-2024-8071,0,0,ac7c2c7e7df896f6bfe7f17a6e74f8de236e5ec843865384cdf53fde1e533098,2024-08-23T15:34:53.913000 CVE-2024-8072,0,0,08fafb0bed7b0568fefcb8938e0e01cf4acf3cb153d4b847bc3e1d9427344a62,2024-08-22T14:35:18.797000 +CVE-2024-8073,1,1,e7cef33587501413797c2ba422a65510e23499f19c86673b8b5cd7eb46810814,2024-08-26T03:15:03.607000 CVE-2024-8075,0,0,8f01959220c32e8ddcbc58487f8fa6b34cdc1a5defab50c9b78b1ba461583006,2024-08-23T16:18:28.547000 CVE-2024-8076,0,0,10377596855ef60bf83b0daca578a2df05cf4e44ae663aebcbbf7ceaec7d91f8,2024-08-23T16:18:28.547000 CVE-2024-8077,0,0,dfaba62e1a5ac86b8269d34e4d8f061b3115ba664d3b281f9df2a189f223678e,2024-08-23T16:18:28.547000 @@ -261115,10 +261116,10 @@ CVE-2024-8144,0,0,88fed21edfd93fa7bca725ad2225251a9d109041c2e48809ee1ed796915b95 CVE-2024-8145,0,0,78b78143837f5c0df569416f880d975eb45acf9e0ac0d1c0640b30f4b266e1ba,2024-08-25T06:15:03.910000 CVE-2024-8146,0,0,1a014ee97b984953eab99f79670e8f6f85a815565363ce01758e7ec2838e752e,2024-08-25T08:15:03.597000 CVE-2024-8147,0,0,1943d5219ce6820bb91164b12575bc9bc6449d1368374a8bac82f600f631e34c,2024-08-25T09:15:04.243000 -CVE-2024-8150,1,1,82aef3aeae1a5d24adb9e4f27dc0040a04dfe65e0ae4c6c042ea0e03711eb974,2024-08-25T22:15:05.310000 -CVE-2024-8151,1,1,3262b5ed95074a0b8d309a398373fde93220a32a4b908488a88c2ab413408da0,2024-08-25T22:15:05.647000 -CVE-2024-8152,1,1,253fcf63ae0d5c22df7cbe7931b470029fb9625910a5e11c94b7f629d93f3e7d,2024-08-25T23:15:03.380000 -CVE-2024-8153,1,1,dfc4d04c4fbd06b0923ec07bfc19963cc72052dcc6c147bd97ffdd59ff8f8475,2024-08-25T23:15:03.633000 -CVE-2024-8154,1,1,618a11194c7687b74544b6939c2600e264a0b2ac3dca5b301df7302a1e3ac166,2024-08-25T23:15:03.873000 -CVE-2024-8155,1,1,83ac7e698fc7bba5c7db7ba4fc8c2590235a58fb4cbfdc6191eb0c3f95b723da,2024-08-25T23:15:04.123000 -CVE-2024-8158,1,1,f18a2842260369752caf57a130caf674f0864f15f2f96231792194e96367a2af,2024-08-25T22:15:05.903000 +CVE-2024-8150,0,0,82aef3aeae1a5d24adb9e4f27dc0040a04dfe65e0ae4c6c042ea0e03711eb974,2024-08-25T22:15:05.310000 +CVE-2024-8151,0,0,3262b5ed95074a0b8d309a398373fde93220a32a4b908488a88c2ab413408da0,2024-08-25T22:15:05.647000 +CVE-2024-8152,0,0,253fcf63ae0d5c22df7cbe7931b470029fb9625910a5e11c94b7f629d93f3e7d,2024-08-25T23:15:03.380000 +CVE-2024-8153,0,0,dfc4d04c4fbd06b0923ec07bfc19963cc72052dcc6c147bd97ffdd59ff8f8475,2024-08-25T23:15:03.633000 +CVE-2024-8154,0,0,618a11194c7687b74544b6939c2600e264a0b2ac3dca5b301df7302a1e3ac166,2024-08-25T23:15:03.873000 +CVE-2024-8155,0,0,83ac7e698fc7bba5c7db7ba4fc8c2590235a58fb4cbfdc6191eb0c3f95b723da,2024-08-25T23:15:04.123000 +CVE-2024-8158,0,0,f18a2842260369752caf57a130caf674f0864f15f2f96231792194e96367a2af,2024-08-25T22:15:05.903000