admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-15T13:00:25.127058+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-15 13:00:28 +00:00
parent 2bc03251e2
commit 124857bd03
5 changed files with 163 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
CVE-2023/CVE-2023-40xx/CVE-2023-4001.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-4001",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T11:15:08.270",
"lastModified": "2024-01-15T12:15:43.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the \"/boot/\" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was introduced in a downstream patch in Red Hat's version of grub2 and does not affect the upstream package."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo de omisi\u00f3n de autenticaci\u00f3n en GRUB debido a la forma en que GRUB usa el UUID de un dispositivo para buscar el archivo de configuraci\u00f3n que contiene el hash de contrase\u00f1a para la funci\u00f3n de protecci\u00f3n de contrase\u00f1a de GRUB. Un atacante capaz de conectar una unidad externa, como una memoria USB que contenga un sistema de archivos con un UUID duplicado (el mismo que en el sistema de archivos \"/boot/\") puede omitir la funci\u00f3n de protecci\u00f3n con contrase\u00f1a GRUB en los sistemas UEFI, que enumeran unidades extra\u00edbles. antes que los no removibles. Este problema se introdujo en un parche posterior en la versi\u00f3n de grub2 de Red Hat y no afecta el paquete anterior."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.4,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4001",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224951",
"source": "secalert@redhat.com"
},
{
"url": "https://dfir.ru/2024/01/15/cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager/",
"source": "secalert@redhat.com"
}
]
}

24
CVE-2023/CVE-2023-462xx/CVE-2023-46226.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-46226",
"sourceIdentifier": "security@apache.org",
"published": "2024-01-15T11:15:07.963",
"lastModified": "2024-01-15T11:15:07.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2.\n\nUsers are recommended to upgrade to version 1.3.0, which fixes the issue.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Apache IoTDB. Este problema afecta a Apache IoTDB: desde 1.0.0 hasta 1.2.2. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.3.0, que soluciona el problema."
}
],
"metrics": {},
"references": [
{
"url": "https://lists.apache.org/thread/293b4ob65ftnfwyf62fb9zh8gwdy38hg",
"source": "security@apache.org"
}
]
}

59
CVE-2023/CVE-2023-52xx/CVE-2023-5253.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5253",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-01-15T11:15:08.627",
"lastModified": "2024-01-15T11:15:08.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.\n\n\n\nMalicious unauthenticated users with knowledge on the underlying system may be able to extract asset information.\n\n\n\n"
},
{
"lang": "es",
"value": "Una verificaci\u00f3n de autenticaci\u00f3n faltante en el canal WebSocket utilizado para la integraci\u00f3n de Check Point IoT en Nozomi Networks Guardian y CMC puede permitir que un atacante no autenticado obtenga datos de activos sin autenticaci\u00f3n. Los usuarios maliciosos no autenticados con conocimiento sobre el sistema subyacente pueden extraer informaci\u00f3n de activos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:12-01",
"source": "prodsec@nozominetworks.com"
}
]
}

10
CVE-2023/CVE-2023-61xx/CVE-2023-6129.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-6129",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2024-01-09T17:15:12.147",
"lastModified": "2024-01-09T19:56:14.023",
"lastModified": "2024-01-15T12:15:43.400",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However unless the compiler uses the vector registers for storing\npointers, the most likely consequence, if any, would be an incorrect result\nof some application dependent calculations or a crash leading to a denial of\nservice.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\nclient can influence whether this AEAD cipher is used. This implies that\nTLS server applications using OpenSSL can be potentially impacted. However\nwe are currently not aware of any concrete application that would be affected\nby this issue therefore we consider this a Low severity security issue."
},
{
"lang": "es",
"value": "Resumen del problema: la implementaci\u00f3n POLY1305 MAC (c\u00f3digo de autenticaci\u00f3n de mensajes) contiene un error que podr\u00eda da\u00f1ar el estado interno de las aplicaciones que se ejecutan en plataformas basadas en CPU PowerPC si la CPU proporciona instrucciones vectoriales. Resumen del impacto: si un atacante puede influir en el uso del algoritmo MAC POLY1305, el estado de la aplicaci\u00f3n podr\u00eda corromperse con varias consecuencias dependientes de la aplicaci\u00f3n. La implementaci\u00f3n POLY1305 MAC (c\u00f3digo de autenticaci\u00f3n de mensajes) en OpenSSL para CPU PowerPC restaura el contenido de los registros vectoriales en un orden diferente al que se guardan. Por lo tanto, el contenido de algunos de estos registros vectoriales se corrompe cuando regresa al llamante. El c\u00f3digo vulnerable se utiliza s\u00f3lo en procesadores PowerPC m\u00e1s nuevos que admiten las instrucciones PowerISA 2.07. Las consecuencias de este tipo de corrupci\u00f3n del estado de la aplicaci\u00f3n interna pueden ser diversas: desde ninguna consecuencia, si la aplicaci\u00f3n que llama no depende en absoluto del contenido de los registros XMM no vol\u00e1tiles, hasta las peores consecuencias, donde el atacante podr\u00eda obtener el control total de el proceso de solicitud. Sin embargo, a menos que el compilador utilice registros vectoriales para almacenar punteros, la consecuencia m\u00e1s probable, si la hubiera, ser\u00eda un resultado incorrecto de algunos c\u00e1lculos dependientes de la aplicaci\u00f3n o una falla que provocar\u00eda una denegaci\u00f3n de servicio. El algoritmo POLY1305 MAC se utiliza con mayor frecuencia como parte del algoritmo CHACHA20-POLY1305 AEAD (cifrado autenticado con datos asociados). El uso m\u00e1s com\u00fan de este cifrado AEAD es con las versiones 1.2 y 1.3 del protocolo TLS. Si este cifrado est\u00e1 habilitado en el servidor, un cliente malicioso puede influir en si se utiliza este cifrado AEAD. Esto implica que las aplicaciones del servidor TLS que utilizan OpenSSL pueden verse potencialmente afectadas. Sin embargo, actualmente no conocemos ninguna aplicaci\u00f3n concreta que pueda verse afectada por este problema, por lo que lo consideramos un problema de seguridad de gravedad baja."
}
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/09/1",
"source": "openssl-security@openssl.org"
},
{
"url": "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35",
"source": "openssl-security@openssl.org"

15
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-15T11:00:24.909243+00:00
2024-01-15T13:00:25.127058+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-15T10:15:26.627000+00:00
2024-01-15T12:15:43.400000+00:00
```
### Last Data Feed Release
@ -29,22 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
235899
235902
```
### CVEs added in the last Commit
Recently added CVEs: `3`
* [CVE-2023-46749](CVE-2023/CVE-2023-467xx/CVE-2023-46749.json) (`2024-01-15T10:15:26.380`)
* [CVE-2023-50290](CVE-2023/CVE-2023-502xx/CVE-2023-50290.json) (`2024-01-15T10:15:26.527`)
* [CVE-2023-6915](CVE-2023/CVE-2023-69xx/CVE-2023-6915.json) (`2024-01-15T10:15:26.627`)
* [CVE-2023-46226](CVE-2023/CVE-2023-462xx/CVE-2023-46226.json) (`2024-01-15T11:15:07.963`)
* [CVE-2023-5253](CVE-2023/CVE-2023-52xx/CVE-2023-5253.json) (`2024-01-15T11:15:08.627`)
* [CVE-2023-4001](CVE-2023/CVE-2023-40xx/CVE-2023-4001.json) (`2024-01-15T11:15:08.270`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
* [CVE-2023-6129](CVE-2023/CVE-2023-61xx/CVE-2023-6129.json) (`2024-01-15T12:15:43.400`)
## Download and Usage